In the digital world, it’s super important to be aware of any trending scams or incidents where people might try to take valuable information from you.
These days, as technology has progressed, unfortunately, so have the types of scams and tricks hackers and malicious people use. Something as simple as a link in a text message could get you to share your email login with someone who has bad intentions. That’s why it’s always a good idea to stay up to date with today’s dangerous scams and tricks. Read more about three of them that tech pros warn against below.
Women Are Swapping Their Boring Water For This Ice Pop Electrolyte Mix!
1. Smishing-to-Account-Takeover Scams
If you're someone who is online a lot, using apps and websites to get a lot of your important tasks done, like paying your bills or updating any other documents, then you know the value of a secure login. This kind of scam finds ways to get your login information for crucial sites.
"One of the most disturbing phishing and social-engineering attacks being perpetrated today against iPhone customers is called 'Smishing-to-Account-Takeover,' a hybrid phishing-social-engineering attack," explains cybersecurity expert Jacob Kalvo. "The scammer sends an extremely polished SMS or iMessage alert with a claim such as, 'Your Apple ID has been temporarily locked due to suspicious activity' or 'Unrecognized login attempt made in another country.' The alert contains a link that appears valid upon first inspection."
"These links may contain slight variations on domains that resemble Apple's domain structures, but when you click on the link, you will be directed to a nearly perfect replica of the Apple ID Login Page," he continues. "Therein lies your problem. Not only do you have to enter your login credentials, but you are also required to enter your Two-Factor Authentication (2FA) code(s). In many instances, the scammers are utilizing both your stolen credentials and your real-time 2FA codes to obtain full control over your account. After gaining access, they lock you out of your account in a matter of minutes."
2. Apple iMessage Bypass Scam
Again, many big tech companies are working hard to keep up with the times and build security features that can help prevent scammers from reaching out to you. Still, this Apple iMessage Bypass scam, slightly similar to the one above, includes one extra step to seem unassuming.
"It's targeting millions of iPhone users right now," notes tech pro Michael Routhier. "Here's the setup: you get a text that looks exactly like it's from Apple. Says something like, 'Your Apple Pay has been suspended due to suspicious activity.' Super alarming if you actually use Apple Pay. Here's the sneaky part. Apple built a safety feature into iMessage that automatically disables links in messages from people you don't know. But scammers figured out the workaround. The message asks you to reply with something simple, just 'Y' or 'No.' The moment you do that, iMessage thinks, 'Oh, this person knows this sender,' and those dangerous links go live."
"What makes this so effective is that it hits two things at once, trust and panic," he adds. "You trust Apple. And suddenly Apple is telling you something is wrong. Your brain goes straight into fix-it mode, and that's exactly where scammers want you. The rule I keep repeating: Apple will never ask you to reply to a text to verify anything. Ever. If you get a message like this, don't reply, don't click, don't call any number in the message."
3. Free App Scams
There are a lot of smartphone users who love having a lot of apps on their devices for entertainment or for convenient tools that they're convinced can make their day easier. But there are things to look out for when it comes to using third-party apps, especially those that pop up in flashy advertisements.
"A very similar dynamic happens in free apps promoted via ads," says tech pro Shlomi Beer. "These often target iPhone users specifically, promising utilities such as PDF editors, tax form fillers, etc. Instead of going through the App Store, those are web applications that make the user upload sensitive images, documents, or PDFs and scan and store the information of the user for further hyper-personalized attachments in email or messaging phishing."
