SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Email Security
#
Personal Computing Devices
#
Phishing

Apple iPhone 16 launch triggers wave of scams – Kaspersky

Thu, 12th Sep 2024
Author image
By Shannon Williams, Journalist

As Apple prepares to launch the iPhone 16, cybercriminals are already exploiting the hype with scams targeting eager fans.

Kaspersky researchers have discovered that threat actors are luring users with fake pre-orders, early-adopter offers, and bogus technical support—all packaged in convincing websites that lead only to financial losses and disappointment.

The new iPhone 16 is set to be unveiled during the “Glowtime” event on Monday, September 9, 2024, with official invites for the event sent out in August. If tradition holds, the devices are expected to hit stores on Friday, September 20th. Anticipated enhancements include AI-powered capabilities, revamped hardware, larger screens, sleeker frames, and a range of new colours. Rumours surrounding the latest device began circulating over the summer, giving cybercriminals an early warning.

As the event approaches, researchers at Kaspersky have discovered fraudulent activity surrounding the launch. One common scam used by the threat actors offers early adopters the chance to pre-order the latest iPhone with a nearly 40% discount. Victims are directed to a slick website showcasing shiny new iPhones, enticing them with the promise to “be among the first to enjoy cutting-edge technology.” Once they click through, they're asked for their billing and shipping information, with the option to pay via PayPal. A fake invoice is generated upon clicking ‘add to cart’ or ‘buy,’ factoring in tax and shipping, and even offering “free shipping” for orders over USD $1,000. Once the payment is submitted, victims soon realise the money has disappeared from their account, but no iPhone is delivered. Even more concerning, the fraudsters now possess their personal information, which can be sold on the dark web.

Another scam found by Kaspersky’s experts is an offer for iPhone technical support which would enable users to update their mobile device. The fake site, which is in Spanish and presumably aimed at Latin American users, also purports to take them through to a page where they can report the phone’s loss or theft, and another to help them find their device. At the bottom, victims are also given the option to reach a repair service. In return, all the page asks is to sign in with an Apple ID on a page which is strangely in English.

Although filling in just one credential might not seem significant, iPhone users understand that if someone steals your Apple ID, they essentially hold the keys to your digital kingdom. Fraudsters can access personal details such as name and email address and sell them on the dark web. They can also infiltrate your iCloud account, gaining access to photos, documents, and device backups. Even more concerning, they can make unauthorised purchases, view your account balance, and take money from your Apple Wallet. Worst of all, your device can be locked and held for ransom.

“As with most new technological releases, the launch of the iPhone 16 has generated massive excitement. Cybercriminals are quick to exploit this hype, so it's precisely at times like these that consumers should be extra vigilant. When making new purchases, stick to official channels, be sceptical of deals that seem too good to be true, and always verify URLs before sharing any personal information. Scammers are counting on eager fans letting their guard down, so vigilance is key,” says Olga Svistunova, security expert at Kaspersky.

To avoid falling victim to scams like these, Kaspersky experts recommend adhering to several precautions:

  • Stick to official channels: Only purchase or pre-order the iPhone 16 through official retailers like Apple's website or trusted partners. Avoid clicking on links from unfamiliar websites or promotional emails, no matter how attractive the deal.
  • Be sceptical of deals that seem too good to be true: Cybercriminals often lure people in with offers of huge discounts or early access. If an offer seems too good to be true—such as a 40% discount or exclusive pre-order access—it is likely a scam.
  • Double-check URLs and email addresses: Scammers often create fake websites that look nearly identical to legitimate ones. Always verify that the URL starts with "https://" and matches the official Apple domain. Similarly, be cautious of emails from unofficial-looking addresses.
  • Don’t share personal information: Be wary of any website or email asking for sensitive information like credit card details, personal identification numbers, or Apple ID password. Apple will never ask for this kind of information via unsolicited emails or links.
  • Enable Two-Factor Authentication (2FA): Safeguard online accounts, especially those linked to payment methods, with 2FA. This extra layer of security makes it harder for scammers to access personal information.
  • Verify pre-order news: If hearing about a special offer or pre-order deal, confirm it on Apple’s official website or news channels.
  • Keep an eye on your device’s activity and report suspicious transactions: If receiving a questionable email, report it to Apple or the appropriate authorities.
  • Report questionable offers: If coming across a suspicious website or phishing email, report it to Apple. This can help protect other users from falling for a scam.
  • Use a trusted security solution: An automated security solution, like Kaspersky Premium, will protect from all known and unknown scams.
  • Stay informed: Stay current on common scams and cybersecurity best practices.
Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Sophos report reveals education sector's ransomware battle
Gen reveals 24% rise in ransomware attacks on consumers
Content platforms exploited for phishing attacks, warns Barracuda
HID expands Signo Readers line to suit diverse customer needs
How MDR will transform cybersecurity in the mid-market
Top stories
Global video monitoring spend to top USD $89bn by 2024
Financial services face rising DDoS threats – Akamai
Cybercriminals exploit content platforms for phishing attacks
Mike Upton joins e2e-assure as Head of Public Sector
Lenovo & SentinelOne team up to boost global PC security