Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: LSourtzo
LSourtzo Author
User level: Level 1
12 points

Possible no click attack. How can I know?

3 days ago I accidentally entered a site through a link.


Here's what happened right after.


I have defaulted every link to open in private browsing in safari as it did.


As soon as the safari opened, I instantly received a call on my mobile from a number within my country that I didnt know, so I picked it up, but it was immediately disconnected.


What worried me the most, was that when ending the call, going back to safari, I have set by default to check biometrics, it told me twice that the face id is not recognized.


after that I push power button and back againg to re-enter on device and it worked normally.


Calling number from a landline I found out that this does not exist!!!


20 minutes later I received a call on watchapp from a huge foreign number which of course I didn't answer.


Then I received several more calls from other local cell phones which I did not answer until I diverted all the unknown numbers to voicemail and so 2-3 calls later stopped.


I have read about the No click attack method, and how can be possible by calling you in watchapp and I am really worried if this call was such an attack?

I also read that Apple phones they were vulnerable until December when the article was written, when aple takes the necessary actions.


what i did next is:


  1. I deleted cookies and data from safari.
  2. I changed apple id password, But through the same device if this change enything.
  3. I checked for unrecognised apps or strange behavior on my mobile. (did not found any until now)
  4. I checked if I have any suspicious settings in my vpn or email. (everything look find)
  5. I updated my mobile with the latest update.
  6. i delete and reinstalle watchapp.


i called local apla support for more info but all they said was to reassure me that i look safe after what i did.


But i still worry about if there is a way someone could get into my cell phone and still have access to it or my information.


So I'm asking the community hoping for your experience to figure out if there really is anything to worry about.


Οf course my mobile is fully updated and not jailbroken.


It's an iPhone 12.


From your experience...

If they had managed to get into my cell phone I would have had some clues by now?

or maybe they work quietly until they have what they want?


Thanks in advanced for your help.

looking forward for your responds and sorry for the big test above.


iPhone 12, iOS 17

Posted on Mar 9, 2024 12:07 AM

Reply
Question marked as Top-ranking reply
User profile for user: IdrisSeabright
IdrisSeabright
User level: Level 10
176,639 points

Posted on Mar 28, 2024 8:20 AM

Answer the following questions:


  1. Has your phone been jailbroken?
  2. Has anyone had unsupervised access to your phone will it was unlocked for a significant length of time?
  3. Are you a high-profile journalist, activist or politician whose data would be worth hundreds of thousands of dollars to acquire?


If the answer to those questions is "No", the likelihood that your phone has been compromised is basically zero. Clicking on links is how you get to websites. If that were incredibly risky, we'd all be hacked. It's not. The fact that you got a call from a number you didn't recognize is co-incidence. I get calls I don't recognize a dozen times a week.


If you went the the website and gave that website personal information, you might have increased the risk for identity theft of some kind. But that's stll not hacking your phone.



LSourtzo wrote:

Another strange thing I noticed is that when I tried to enter from the settings in FaceID and password it said a failed attempt, I had months to enter the module !

I don't know what that means. What do you mean by "module"?

View in context

Similar questions

5 replies
Sort By: 
Question marked as Top-ranking reply
User profile for user: IdrisSeabright
IdrisSeabright
User level: Level 10
176,639 points

Mar 28, 2024 8:20 AM in response to LSourtzo

Answer the following questions:


  1. Has your phone been jailbroken?
  2. Has anyone had unsupervised access to your phone will it was unlocked for a significant length of time?
  3. Are you a high-profile journalist, activist or politician whose data would be worth hundreds of thousands of dollars to acquire?


If the answer to those questions is "No", the likelihood that your phone has been compromised is basically zero. Clicking on links is how you get to websites. If that were incredibly risky, we'd all be hacked. It's not. The fact that you got a call from a number you didn't recognize is co-incidence. I get calls I don't recognize a dozen times a week.


If you went the the website and gave that website personal information, you might have increased the risk for identity theft of some kind. But that's stll not hacking your phone.



LSourtzo wrote:

Another strange thing I noticed is that when I tried to enter from the settings in FaceID and password it said a failed attempt, I had months to enter the module !

I don't know what that means. What do you mean by "module"?

Reply
User profile for user: LSourtzo
LSourtzo Author
User level: Level 1
12 points

Mar 28, 2024 8:30 AM in response to IdrisSeabright

  1. Has your phone been jailbroken? NO
  2. Has anyone had unsupervised access to your phone will it was unlocked for a significant length of time? NO
  3. Are you a high-profile journalist, activist or politician whose data would be worth hundreds of thousands of dollars to acquire? NO


only what I say to first post ... and from then until now only 1 trasaction from my card to cranchroll ...



Reply
User profile for user: IdrisSeabright
IdrisSeabright
User level: Level 10
176,639 points

Mar 28, 2024 9:48 AM in response to LSourtzo

LSourtzo wrote:

Is it possible that recognise my phone number via safari under incognito window and thats why call me back right after click ?

Someone called you after you clicked. As I said earlier, that doesn't mean it has anything to do with that website.


or install via safari something in my phone that give them access to hackme with a call from watchapp ?

No, that didn't happen.

how can you explain the transaction to the site from my card ?

If you have a charge on your card from a vendor you don't recognize, you should contact your card issuer for instructions on disputing the charge.

Reply
User profile for user: LSourtzo
LSourtzo Author
User level: Level 1
12 points

Mar 28, 2024 9:34 AM in response to IdrisSeabright

If you went the the website and gave that website personal information, you might have increased the risk for identity theft of some kind. But that's stll not hacking your phone.

first of all many many thanks fro your responce !!!


No i Did not.

Is it possible that recognise my phone number via safari under incognito window and thats why call me back right after click ?


or install via safari something in my phone that give them access to hackme with a call from watchapp ?


how can you explain the transaction to the site from my card ?

Sorry tha i Ask all this but i am realy worry about it ...

Reply

Possible no click attack. How can I know?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up