Is this legit or scam?
Just got this text and I’m trying to figure out if it’s a scam. Any help would be appreciated. TY
[Edited by Moderator]
Just got this text and I’m trying to figure out if it’s a scam. Any help would be appreciated. TY
[Edited by Moderator]
Very common scam in wide circulation.
All ApplePay payment security is enforced by the payment card issuers. (Your bank)
And banks don’t “think about it” — They immediately Approve or Reject — and then move-on to the next transaction.
Apple isn’t even a party in transaction execution.
Very common scam in wide circulation.
All ApplePay payment security is enforced by the payment card issuers. (Your bank)
And banks don’t “think about it” — They immediately Approve or Reject — and then move-on to the next transaction.
Apple isn’t even a party in transaction execution.
The first clue it’s a scam is right there in the text. Legitimate institutions trying to prevent fraud, like your bank, do the exact opposite of the text you received.
Legitimate institutions will stop the fraudulent transactions dead in it’s tracks and require you to talk to the banks fraud department in order to approve the transaction. If you didn’t initiate the transaction, you do nothing.
The text is exactly the opposite. A temporary pause does nothing to prevent fraud. This temporary pause gives you a sense of urgency and creates a call to action for you to share your financial and personal information with the scammers. You’re susceptible to social engineering and this Apple Support article is designed to help you learn what social engineering is and help you from falling victim to it.
Yes, it's a scam. Just doing a web search on the phone number will tell you it has nothing to do with Apple.
Ignore and delete.
You can learn more about how payment fraud detection works, because that scam lied about it:
That scam lied about other things, too. Learning how this works can make recognizing other similar scams easier.
Sometimes it's difficult to tell what the scammer is trying to accomplish. Most times, the phone number they stick in these scams goes nowhere. That is, there's no matching location at all. Others, like this one, actually exist for a business somewhere. But if you call that number, wouldn't it then connect to the business rather than the scammer?
That being the case, I would have to guess the number is a fake link with a different number underneath. So when you tap on it, the number you see is not the one it calls. Basically, the same simple trick you can do on a web page. Like this link that says Apple, but goes to Google.
I actually did look up the number. And yes, although it did not show a link to Apple, it didn’t say it was a scam number. So just wanted to double check before clicking on anything, even though I was pretty sure it was a scam. Thanks for your input!
Kurt Lang wrote:
Sometimes it's difficult to tell what the scammer is trying to accomplish. Most times, the phone number they stick in these scams goes nowhere. That is, there's no matching location at all. Others, like this one, actually exist for a business somewhere. But if you call that number, wouldn't it then connect to the business rather than the scammer?
When you’re actually able to connect your call to actual scammers, I’d expect you’ve reached a scam call center either directly, or your call was routed via an organization with a compromised telephone interconnection.
Or the provided telephone number is unrelated to the spam, and the spammer can reason to want people to block that number with in-bound calls.
or your call was routed via an organization with a compromised telephone interconnection.
I thought about that one, but didn't know if it was possible.
It was also no more than a guess about a possible hidden. I've never gotten one of these things, otherwise I'd like to tap and hold on the number to see if it goes where it says, or masks a different number.
Kurt Lang wrote:
or your call was routed via an organization with a compromised telephone interconnection.
I thought about that one, but didn't know if it was possible.
Yeah; private branch exchanges are computers, and can have credentials exposed, and vulnerabilities can be exploited.
Asterisk is an open-source PBX — which means information on how it works is more accessible, and this including suggestions for hardening — if you’re interested in learning about PBXs. Or if you want to run your own PBX.
Is this legit or scam?