Friend
Professional
- Messages
- 2,670
- Reaction score
- 882
- Points
- 113
Fake AppleCare+ is massively used to deceive users.
Malwarebytes experts have uncovered a fraudulent campaign targeting Mac users who are looking for support or an extended warranty through the AppleCare+ service. Attackers buy ads on Google to lure potential victims to fake pages hosted on GitHub.
The main goal of the scammers is to link the victim to Apple "employees" who are actually call center operators engaged in social engineering. These fake agents convince people to hand over money or personal data to them.
Pages that mimic the official AppleCare+ support site are hosted on GitHub as HTML templates using Apple's logos and style. Scammers create multiple accounts on the platform, each containing a repository with identical fake content. To avoid blocking, phone numbers on such pages change frequently, as the history of changes on GitHub has shown.
A feature of this fraud is the automatic call of the dial box, which makes it easier to contact fraudsters. Just two clicks - and the victim is already in touch with a fake "employee" of the support service.
Scammers take advantage of the fact that many users trust Google ads and land on fake pages. Such pages can look almost like official pages, thanks to the use of Apple logos and designs. Ads with fake links may appear higher than the official results in the SERPs, which makes them even more dangerous.
The main risk for the victims is the loss of large sums of money. Scammers often ask victims to transfer money from their bank accounts in a variety of ways. In addition, in some cases, fraudsters collect personal data such as address, social security number, and bank details, which allows them to blackmail the victim or share their details with other attackers.
Experts urge caution when looking for phone or online support, especially when it comes to popular brands. Even by clicking on sponsored search results, there is a risk of landing on fake sites.
Source
Malwarebytes experts have uncovered a fraudulent campaign targeting Mac users who are looking for support or an extended warranty through the AppleCare+ service. Attackers buy ads on Google to lure potential victims to fake pages hosted on GitHub.
The main goal of the scammers is to link the victim to Apple "employees" who are actually call center operators engaged in social engineering. These fake agents convince people to hand over money or personal data to them.
Pages that mimic the official AppleCare+ support site are hosted on GitHub as HTML templates using Apple's logos and style. Scammers create multiple accounts on the platform, each containing a repository with identical fake content. To avoid blocking, phone numbers on such pages change frequently, as the history of changes on GitHub has shown.
A feature of this fraud is the automatic call of the dial box, which makes it easier to contact fraudsters. Just two clicks - and the victim is already in touch with a fake "employee" of the support service.
Scammers take advantage of the fact that many users trust Google ads and land on fake pages. Such pages can look almost like official pages, thanks to the use of Apple logos and designs. Ads with fake links may appear higher than the official results in the SERPs, which makes them even more dangerous.
The main risk for the victims is the loss of large sums of money. Scammers often ask victims to transfer money from their bank accounts in a variety of ways. In addition, in some cases, fraudsters collect personal data such as address, social security number, and bank details, which allows them to blackmail the victim or share their details with other attackers.
Experts urge caution when looking for phone or online support, especially when it comes to popular brands. Even by clicking on sponsored search results, there is a risk of landing on fake sites.
Source
