Hacker allegedly posed as Apple Support to scam user out of $1,500
A Pennsylvania iPhone user claims that her call to Apple Support was intercepted by a hacker who proceeded to remotely install apps and transfer money out of her bank account.
Apple iPhone
Donna Francis, of Baden, in Beaver County, western Pennsylvania, says that she initially ignored an incoming call purporting to be from "Xfinity Apple Support." When she later called Xfinity directly, the company had no knowledge of her alleged call, and recommended that she phone Apple. Xfinity does not have an Apple support division.
Francis then says she dialed the support number on Apple's website which she said she got from her packaging from the iPhone. She says that the call was answered by a woman who took down her information, and then was routed through to someone who warned her about hacking attempts.
"He said, 'You don't want to waste any time, people from Russia and China are hacking into your account,'" Francis told Pittsburgh Action News. "He said, 'They've just charged $5,000 to your account."
With that information, the person on the phone persuaded Francis to allow the fraudster to remotely install software onto her iPhone.
"Before I knew it," she continues, "he was opening up my Huntington [bank] account and I said, 'Why are you opening up my Huntington account?' He said, 'This is where I think they're taking money.'"
"He was sending $1,498 -- that's what I had in my account -- to himself," says Francis. "And I said, 'What are you doing? You're supposed to be helping me!'"
Reportedly the person then ended the call and Francis appears to have permanently lost almost $1,500. According to Pittsburgh Action News, the local bank branch manager said it looks to the bank as though she approved and sent the money to this person.
Francis has reported the incident to the bank, the local police, and the FBI. Pittsburgh Action News also contacted the FBI, saying that the number Francis reportedly dialled is the correct Apple Support one, so it must have been intercepted.
"I think that's probably technically possible," an FBI official is reported to have said. "But we aren't seeing any trends of huge incidents of that happening locally or nationally."
In regards to the caller ID information saying that it was some sort of Xfinity Apple Support -- US caller ID information isn't always reliable. It isn't difficult for a fraudster to spoof a caller ID display, for a number that a user doesn't have in their Contacts on an iPhone.
If it were some kind of cell intercept, the FBI's information about not seeing a trend is significant because a scam that nets $1,500 is not worth the cost of any potential intercept hardware.
Assuming Francis separately looked up Xfinity's number rather than tapping on her iPhone's Recents to call back, then Xfinity reporting that they don't have an Apple Support desk should have been the end of the entire matter.
Furthermore, Apple support or security personnel won't ask users to install remote access software, because there is no legitimate reason to do so. Instead, they recommend an Apple Store visit to evaluate the device.
Additionally, Apple support personnel would have no information on any ongoing hack of a user's bank in real-time.
Apple iPhone
Donna Francis, of Baden, in Beaver County, western Pennsylvania, says that she initially ignored an incoming call purporting to be from "Xfinity Apple Support." When she later called Xfinity directly, the company had no knowledge of her alleged call, and recommended that she phone Apple. Xfinity does not have an Apple support division.
Francis then says she dialed the support number on Apple's website which she said she got from her packaging from the iPhone. She says that the call was answered by a woman who took down her information, and then was routed through to someone who warned her about hacking attempts.
"He said, 'You don't want to waste any time, people from Russia and China are hacking into your account,'" Francis told Pittsburgh Action News. "He said, 'They've just charged $5,000 to your account."
With that information, the person on the phone persuaded Francis to allow the fraudster to remotely install software onto her iPhone.
"Before I knew it," she continues, "he was opening up my Huntington [bank] account and I said, 'Why are you opening up my Huntington account?' He said, 'This is where I think they're taking money.'"
"He was sending $1,498 -- that's what I had in my account -- to himself," says Francis. "And I said, 'What are you doing? You're supposed to be helping me!'"
Reportedly the person then ended the call and Francis appears to have permanently lost almost $1,500. According to Pittsburgh Action News, the local bank branch manager said it looks to the bank as though she approved and sent the money to this person.
Francis has reported the incident to the bank, the local police, and the FBI. Pittsburgh Action News also contacted the FBI, saying that the number Francis reportedly dialled is the correct Apple Support one, so it must have been intercepted.
"I think that's probably technically possible," an FBI official is reported to have said. "But we aren't seeing any trends of huge incidents of that happening locally or nationally."
How to protect yourself from a similar fraud attempt
The incident is not one where hacking tools were applied directly to the iPhone, nor applied without an interaction by the phone's user. Instead, this attack was executed by a combination of perhaps a cell intercept, paired with a social engineering attack, convincing the user to install the remote access software. The report isn't clear about which remote access software was installed, or how it was done.In regards to the caller ID information saying that it was some sort of Xfinity Apple Support -- US caller ID information isn't always reliable. It isn't difficult for a fraudster to spoof a caller ID display, for a number that a user doesn't have in their Contacts on an iPhone.
If it were some kind of cell intercept, the FBI's information about not seeing a trend is significant because a scam that nets $1,500 is not worth the cost of any potential intercept hardware.
Assuming Francis separately looked up Xfinity's number rather than tapping on her iPhone's Recents to call back, then Xfinity reporting that they don't have an Apple Support desk should have been the end of the entire matter.
Furthermore, Apple support or security personnel won't ask users to install remote access software, because there is no legitimate reason to do so. Instead, they recommend an Apple Store visit to evaluate the device.
Additionally, Apple support personnel would have no information on any ongoing hack of a user's bank in real-time.
Comments
Three, I don't know of any remote control software for any iPhone. So something doesn't add up in this story and how did that person get all of the banking information to take that money.
How is it that our lawmakers don’t find this phone situation to be an egregious systemic problem just from their own personal experiences?? Do they not handle their own phones?
This is part of what makes me feel like my society is just plain insane. We seem to have zero governance over this shit.
They had the user download an app from the App Store that gives this kind of control over the iPhone: which app would that be?
They were able to locate which bank and log in without help: unlikely although opening the bank app could trigger a faceId login
The remote control app was able to launch another app without the users input: current iOS requires this action to be manually approved
There’s a lot of pieces of this story that don’t add up and without more detail I’m calling BS.
That being said, it is way too easy for people to get scammed and their bank accounts plundered. There seems to be almost no security surrounding ACH. Apple is one of the worst companies at financial security. It is why their gift cards are so often used by scam artists to steal money from gullible people. Apple allows their gift cards to be purchased by anyone, transferred to anyone else and the funds used by anyone anywhere. There seems to be no tracing of transactions at all.
I guess you think all social engineering hacks don't add up either because you just don't believe they can occur. Because you don't know of any apps that can control the iPhone don't exist, you must think it is fake? How did the person get the banking information? Her banking app on the phone was opened up.
Sad that so many people don't believe in social engineering hacks because it is a phone and not a hard wired computer to be hacked.
I guess none of you have received phishing emails from various companies trying to dupe people into social engineering hacks. I guess those must not be true either because you all seem to think they are fake because it did not happen to you.
Look at all the Apps that Apple removed from the App Store because their screening process failed to identify rogue apps that are designed to steal your information right off your phone.
However. I’m guessing this is old news by now.
My own doctor laughed and gave me the “PFFFT noise: everybody knows about that scam!!!”
These cybercrime rings who are having massive success by posing as tech support are mainly using AnyDesk.
My first mistake: I’d spent more than a week dealing with my bank refusing to fix some unknown issue that wouldn’t allow me to add my new debit card to my Apple wallet. Suntrust, soon to be Truist—branch manager’s response was “what’s an apple wallet?”
Running out of time, as some important bills are auto paid that way, AND stupidly losing my temper (which is rare, and simply makes me just that stupid), I GOOGLED the number for Apple tech support. These people had coded in a very convincing imposter listing.
So, what’s very creepy— well… besides the massive loss of money (massive for me), The Most Critical private information stolen, even more expense in spending $30 a month for IdentityGuard (dude—he got enough info to WRECK my tiny life to superbly frightening degrees)…he managed a FLAWLESS impersonation of a tech support person.
I’ve had macs since 1985. Tech support is a call I’ve made to Apple perhaps 3 times in 25 years—not because I’m smart; a credit to their consistently intuitive interface. So I actually don’t have any sense of their general protocol. Except Apple is exceedingly patient and almost always the kindest support I’ve encountered.
Reading the other comments above…SIGH. I’m writing the tale of my dimwittedness in a forum of some exceptionally intelligent people. I’m genuinely sorry for wasting the time of you folks.
jb