Smishing Scam Lures Victims into Fake Apple Testing Program with Fake Apple Chatbot
An iPhone scam promising free iPhone 12 to victims was spotted as a smishing attack. The hackers send a text message to victims hoping to lure them in to giving up the credit cards as part of a fake Apple testing program.
Smishing is a form of a cyber attack. Hackers and scammers send SMS (short message service) text messages to victims hoping to lure them into clicking on a link in the text message or replying to the message. Smishing is the text message form of email phishing.
Scam text messages can easily trick recipients who either don’t suspect anything or think a text message cannot cause harm even when they are obvious scams. SMS text messages are limited to just 160 characters per message. So smishing scammers are likely to use a link shortener to save character space which your phone will recognize as a clickable link. Their typical grammar errors will look less obvious too.
A shortened link and choppy text would be suspicious looking as an email but appear normal in a text message because of the 160-character limit.
Free iPhone Scam
In this free iPhone scam, spotted by cyber security researchers at Sophos, the hackers send a phishing SMS text to a phone number in order to lure the recipient into clicking on a link. The goal of this smishing message is to verify that the user’s cell phone number is active and monitored.
After the recipient clicks on the link in the first SMS text message, they then receive a response from a fake Apple chat bot. This smishing message informs the recipient that they have the opportunity to be part of an Apple test group and get a free iPhone 12.
The iPhone 12 does not exist. And neither does the Apple 2020 Testing Program.
The fake chat bot message also contains a cloaked link. If the user taps the link, a web browser opens on their phone and they are sent to a spoof web page. The page contains enticing messaging about the Apple test program and prompts the reader to answer some survey questions. If the reader answers the questions correctly then they will qualify to be part of an Apple testing program and receive a free Apple iPhone 12. The survey along with the testing program and iPhone 12 are bogus.
Of course, everyone who answers the questions qualifies to be in the fake test group. However, there is one more hitch. The test group people are told they must enter payment information to cover a £1 to £2 shipping charge.
And that’s the free iPhone scam. Once the victim enters in payment information the compromised payment card numbers are sent directly to the hackers.
How to Recognize a Smishing Scam
Don’t be fooled by the free iPhone scam. This SMS text phishing scam is a little bit difficult to recognize because it is well made. Even the credit card entry page uses a security certificate so as not to cause an alarm from the readers web browser
- If something seems too good to be true, like a free iPhone for example, you know that it’s most likely a scam. There is no way Apple is giving out free iPhones to random people.
- Read our guide on how to spot a phishing email
- Scams often require a small payment in this case it’s one or two pounds for shipping charges. There is no shipping or delivery happening here, this is just an attempt to get your name address, and credit card numbers
- Hackers and scammers often launch scams against people in other countries and so they are writing their messages in second languages – so they often make spelling mistakes. It’s harder to spot these spelling and grammar errors in text messages because of character limitations. However, these iPhone scam messages and spoof webpages do contain mistakes.
- Never click on links and emails or text messages from people you don’t know
- Even if you do know the sender, but weren’t expecting a message with a link or attachment, call them to verify that they sent it
- Consider using anti-malware or anti-spam app on your phone to help that act and guard against smishing text messages and phishing emails