Imessage account hacked

If you think your Apple ID has been compromised - Apple Support

My brother just had the same message appear on his IPhone6 ("Your Apple ID and phone number are now being used for iMessage on a new Mac. If you recently signed into '8gepc的' mac (12)' you can ignore this notification.")

Going to imessage shows around 50 messages in Chinese supposedly sent from his account -- he's changed his password and set up two factor authentication, but we're a little upset, as we don't really feel he did anything to compromise security/his password.

Found a few other instances on this happening over the last two weeks -- is it possible Apple's security was compromised?

https://www.reddit.com/r/applehelp/comments/53nas0/imessage_hacked_to_send_hundr eds_of_chinese/

The typical cause of such individual account takeovers is simply where you have re-used the same username/email and password between services. For example, Yahoo just had a breach of over 1 million accounts and nearly ever other large service has had breaches over the past several years as well. Therefore, if you have ever used the same password on another service then that is how your AppleID was compromised.

To check if your email account has ever been involved in a security breach, check the following reputable website:

https://haveibeenpwned.com/

When you find behavior like this related to any account, you should (as you did) do a password reset, and then enable 2-factor authentication.

Hi Phakom. This just happened to us on 10/3/16. You will want to change your Apple ID password and possibly other passwords to other accounts you use on your phone. You'll also need to check with your carrier because in our case we had 120 international texts sent out and carrier had to reverse those and back charges out. We also has the international code 86 blocked and turned off iMessages for now on out iPhone. We've also setup 2FA so we can have additional security, which was not setup before. We're also on the latest iOS 10.

Hope this helps.

I had the same thing happen to me, last night and this morning. I changed passwords but still worried about what information they got a hold of.

I had the same thing happen last night! I changed all of my information - but I am still worried about what they saw and am concerned that they accessed my bank information.

This can only happen if the SPAMmers have somehow obtained your iCloud login credentials

- there are only 3 ways that can happen:

1. someone close to you "eavesdropped" while you logged in and sold your credentials on the BlackWeb
2. you fell for a Phishing scam - for example, you followed a path from a clever email and entered your credentials into a bogus website
3. the iCloud credentials were stolen from Apple's server in a hack = VERY UNLIKELY

Unless you fell for #2, and entered MORE than just your credentials, changing your password should be plenty to stop this

http://www.cloudpro.co.uk/leadership/6310/spammers-hack-icloud-accounts-to-messa ge-victims-in-china

...

“In the end, defeating these scammers will take a community effort – not just from Apple, but also from telecom operators and consumers,” said Anderson.

“Operators can protect their customers from unusual spikes in international traffic, Apple can and do[es] recommend using strong passwords and Two-Factor-Authentication on [its] accounts, and consumers should learn about and own their own personal security, paying particular attention to login alerts from new devices.”

---

It is IMPORTANT that you report to Apple AND your phone carrier - this forum is NOT reporting to Apple

Report iMessages that look like spam or junk - Apple Support

reporting to your carrier and Apple may require using techniques in this section of above link

Email Apple to report spam or junk

If you don't have iOS 8.3 or later, you can send an email to imessage.spam@apple.com with this information:

• A screenshot of the message. Learn how to take a screenshot on your iPhone, iPad, iPod touch, or Mac.
• The email address or phone number that sent the iMessage.
• The date and time that you got the iMessage.

To report SMS and MMS messages, contact your carrier.

I would CC any emails to reportphishing@apple.com as that also sends the email to Apple Cyber Security partner

Security Awareness Training | Email Phishing Security | PhishLabs

https://www.phishlabs.com/

I just had the same account hack my Apple ID and sent probably 30+ messages in Chinese.

"Your Apple ID and phone number are now being used for iMessage on a new Mac.If you recently signed into “8gepc的Mac (12)” you can ignore this notification."

Thankfully, all of it was over Wi-Fi. Changed my password and am in the process of doing the 2-step thing. Doesn't look like any other information was compromised, thank goodness. If you google the name, it's happened to quite a few people recently.

Apple... what's up?!

I Had the same this morning.

changed my Apple ID password

also changed my password on my mobile phone account.

its sad that people think it's ok to do this to people.

my Mam had her BT email account hacked earlier in the year and BT couldn't do anything, he hacker had changed every email password and security info possible. It was sent to Intel in America to deal with.

I got a similar email like this too this evening.

At first, I did the following attached link. They required my personal information, so I filled into it.

But the next step they required my credit-card details and I realized that it felt wrong, so I checked the mail address and it doesn't look like from an apple.

I have already changed my password and worried about other people might get this e-mail too.

This literally happened to me last night. Any advice is helpful.

Advice already exists in the thread - read it thoroughly

This happened to me today. I received an email that a windows computer had signed in using internet explorer. About two hours later I received another email saying someone had signed into my account on a macbook. Shortly after the MacBook sign on about 30 messages were sent to various international numbers +86-136......

HAs anyone else has this issue? Did you find any other issues, purchases or accounts compromised?

Advice already exists in the thread - read it thoroughly -

I am very careful when it comes to phishing emails etc. I havent done anything would compromise the security of my account. Today, i had a message pop up saying I'd been logged into a new mac. First thing I did was change my password and set up the 2 step veto action process: however, it was too late and multiple messages had been sent in Chinese. They have somehow managed to hack into my account. I'm not happy!!!

.