Learn about the various iMessage scams, how to recognize, block, and report them to Apple, and recover if you have fallen prey to a scam.
phishing
5 Best Antivirus Tools for MacBook Pro 2024
Still looking for the best antivirus software for your Mac? Arnold Zafra rounds up the five best antivirus for MacBook Pro 2023.
Phishing Attack Leaves DoorDash User Data Exposed, Company Says No Identity Theft or Fraud So Far
Reports from DoorDash indicate that the company underwent a phishing attack, exposing users data. So far data has not been used for harm.
Cryptowallet MetaMask Warns Apple Users to Beware of Phishing Attacks
Cryptowallet MetaMask has recently announced in a series of Tweets that Apple users should build strong passwords to avoid phishing scams.
Intuit Warns Customers of Tax Phishing Emails
Intuit has released security warnings for customers about tax phishing emails some people have received, and tips to spot them.
How Thieves are Stealing Apple ID Credentials for Stolen iPhones
A report from India Today shares the story of how thieves tricked an Apple user to steal his credentials in order to unlock the iPhone they stole.
Vedant narrated his ordeal on Twitter and urged users to be aware of the types of attacks that can be used to extract sensitive information from users. He revealed that the first thing he did after losing his phone was log in to the Find My app with his Apple ID using his MacBook and try to get the phone’s exact location through the Find My app.
Classic phishing attack.
Dental Data Breach Affects 125,000 Patients in 10 States
North American Dental Management suffered a data breach between March 31 and April 1, 2021. It happened as the result of phishing. This group provides administrative and technical support services for Professional Dental Alliance (PDA) offices.
PDA said that it had not found any evidence of any actual misuse of personal information and that its investigation of the matter indicates that the attack was limited to email credential harvesting.
The threat actor did not access PDA’s patient electronic dental record or dental images; however, the Alliance found that some sensitive personal information may have been present in the compromised email accounts.
The breach was reported to the DHS’s Office for Civil Rights, impacting 125,760 patients in Connecticut, Florida, Georgia, Illinois, Indiana, Massachusetts, Michigan, New York, Texas and Tennessee.
Researchers Uncover a Phishing Kit Used by Two Criminal Gangs
Led by Noam Rotem, vpnMentor’s research team has discovered two separate criminal gangs using slightly altered versions of the same phishing kit to scam people across the globe.
It appears the phishing kit was being used to target people mostly living in Israel and France by two separate criminal gangs. However, we believe these two groups operate phishing websites and SMS operations based on the same phishing kit, possibly obtained from the same source. In addition, at least one of them is potentially affiliated with the OpIsrael political hacking group.
Security Friday: Leaks, Phishing and Updates – TMO Daily Observations 2021-08-06
Andrew Orr joins host Kelly Guimont for Security Friday news and updates, including This Week in Data Leaks, and an update to a previous tip.
Microsoft Warns Office 365 Users of New Phishing Campaign
Microsoft’s Security Intelligence team issued a warning to be on the lookout for an active phishing campaign targeting Office 365 users.
DNA Company ‘GEDmatch’ Hacked in Data Breach
First, over a million DNA profiles from GEDmatch were leaked. Then, email addresses from the breach were used in a phishing attack against users of genealogy website MyHeritage.
As a result of this breach, all user permissions were reset, making all profiles visible to all users. This was the case for approximately 3 hours. During this time, users who did not opt in for law enforcement matching were available for law enforcement matching and, conversely, all law enforcement profiles were made visible to GEDmatch users.
If GEDmatch sounds familiar, it was the DNA database used to identify the Golden State Killer.
Security Friday, App Store Turns Twelve – TMO Daily Observations 2020-07-10
Charlotte Henry joins host Kelly Guimont to discuss Security Friday news items and tips, and the twelfth birthday of the App Store.
US Government Agencies Expose New North Korean Malware Campaign
US Cyber Command, DHS, and FBI have exposed a new North Korean campaign of malware and phishing, with six new families of malware.
Battery/Email PSAs, Siri Spotify Teamup – TMO Daily Observations 2019-08-14
Andrew Orr and Charlotte Henry join host Kelly Guimont to talk about a couple of PSAs for Apple folks and how Siri and Spotify might team up.
New ProtonMail Anti-Phishing Feature Makes You Confirm
For the past several days I’ve seen a new dialog box whenever I tap on a link in ProtonMail for iOS. It turns out that it’s a new ProtonMail anti-phishing feature.
Another security improvement is our new link confirmation modal, which is now enabled by default on all our apps. This anti-phishing feature helps you avoid opening a link by mistake or going to a different page than you intended.
How to Break Into an iCloud-Locked iPhone
Hackers, thieves, and independent repair companies can find ways to break into iCloud-locked iPhones.
The iCloud security feature has likely cut down on the number of iPhones that have been stolen, but enterprising criminals have found ways to remove iCloud in order to resell devices…Making matters more complicated is the fact that not all iCloud-locked phones are stolen devices—some of them are phones that are returned to telecom companies as part of phone upgrade and insurance programs.
TL;DR: Phishing, mugging, and social engineering are methods. You can even remove the CPU and reprogram it by stealing an unused IMEI.
An Inside Look Into a Recent Spam Operation
Millions of people were affected for 10 days in March by a spam email operation. But the spammer didn’t set a password for their server (via TechCrunch). [Apple Support Scam is a new Voice Phishing Trick] Email Spam It’s a fascinating story. Security researcher Bob Diachenko found the server after the operation. The spammer had…
Celebgate Hacker Gets 34 Months in Prison
Former school teacher Christopher Brennan—Celebgate hacker—was recently sentenced to 34 months in prison after pleading guilty.
Email Scams Increasingly Involve iTunes Gift Cards
Email scams are increasingly involving iTunes gift cards, instead of the old wire transfers. Lily Hay Newman as the scoop.
This trend is on the rise among scammers, both for individual targets and organizations. The Federal Trade Commission reported in October that 26 percent of people who report being scammed in 2018 said they bought or reloaded a gift card to deliver the money, up from seven percent in 2015. The FTC says that gift card-related losses reported to the agency totaled $20 million in 2015, $27 million in 2016, $40 million in 2017, and $53 million in the first nine months of 2018 alone.
Apple Support Scam is a new Voice Phishing Trick
Brian Krebs reported today that a woman got an Apple Support scam via an automated phone call. And it looked like a legitimate call from Apple.
Bent iPads, Phishing Scams – TMO Daily Observations 2018-12-20
Andrew Orr joins Kelly Guimont to talk about Apple’s ¯\_(ツ)_/¯ response to bent iPads and the latest phishing email making the rounds.
The Latest App Store Phishing Scam is Tough to Spot
People have reported getting a fake receipt claiming to be a purchase confirmation by Apple.
Apple Apologizes for Chinese Apple ID Hacks
Apple has apologized over a string of Chinese Apple ID hacks. Certain Apple customers were victims of a phishing attack.
iCloud Storage is too Low, Bryan's Phishing Scam Encounter - TMO Daily Observations 2018-08-27
Bryan Chaffin and Andrew Orr join Jeff Gamet to look at how Apple’s free 200 GB iCloud storage for two months offer underscores how the standard 5 GB is far too low, plus they look at a new phishing scam Bryan encountered.