Q: Imessage account hacked
-
Oct 1, 2016 9:13 PMby PieOnPot,HelpfulMy brother just had the same message appear on his IPhone6 ("Your Apple ID and phone number are now being used for iMessage on a new Mac. If you recently signed into '8gepc的' mac (12)' you can ignore this notification.")
Going to imessage shows around 50 messages in Chinese supposedly sent from his account -- he's changed his password and set up two factor authentication, but we're a little upset, as we don't really feel he did anything to compromise security/his password.
Found a few other instances on this happening over the last two weeks -- is it possible Apple's security was compromised?
https://www.reddit.com/r/applehelp/comments/53nas0/imessage_hacked_to_send_hundr eds_of_chinese/
-
Oct 1, 2016 9:27 PMby FishingAddict,The typical cause of such individual account takeovers is simply where you have re-used the same username/email and password between services. For example, Yahoo just had a breach of over 1 million accounts and nearly ever other large service has had breaches over the past several years as well. Therefore, if you have ever used the same password on another service then that is how your AppleID was compromised.
To check if your email account has ever been involved in a security breach, check the following reputable website:
When you find behavior like this related to any account, you should (as you did) do a password reset, and then enable 2-factor authentication.
-
Oct 3, 2016 7:43 AMby rgc214,Hi Phakom. This just happened to us on 10/3/16. You will want to change your Apple ID password and possibly other passwords to other accounts you use on your phone. You'll also need to check with your carrier because in our case we had 120 international texts sent out and carrier had to reverse those and back charges out. We also has the international code 86 blocked and turned off iMessages for now on out iPhone. We've also setup 2FA so we can have additional security, which was not setup before. We're also on the latest iOS 10.
Hope this helps.
-
Oct 4, 2016 8:28 AMby ChitlinsCC,This can only happen if the SPAMmers have somehow obtained your iCloud login credentials
- there are only 3 ways that can happen:
- someone close to you "eavesdropped" while you logged in and sold your credentials on the BlackWeb
- you fell for a Phishing scam - for example, you followed a path from a clever email and entered your credentials into a bogus website
- the iCloud credentials were stolen from Apple's server in a hack = VERY UNLIKELY
Unless you fell for #2, and entered MORE than just your credentials, changing your password should be plenty to stop this
http://www.cloudpro.co.uk/leadership/6310/spammers-hack-icloud-accounts-to-messa ge-victims-in-china
...
“In the end, defeating these scammers will take a community effort – not just from Apple, but also from telecom operators and consumers,” said Anderson.
“Operators can protect their customers from unusual spikes in international traffic, Apple can and do[es] recommend using strong passwords and Two-Factor-Authentication on [its] accounts, and consumers should learn about and own their own personal security, paying particular attention to login alerts from new devices.”
---
It is IMPORTANT that you report to Apple AND your phone carrier - this forum is NOT reporting to Apple
Report iMessages that look like spam or junk - Apple Support
reporting to your carrier and Apple may require using techniques in this section of above link
Email Apple to report spam or junk
If you don't have iOS 8.3 or later, you can send an email to imessage.spam@apple.com with this information:
- A screenshot of the message. Learn how to take a screenshot on your iPhone, iPad, iPod touch, or Mac.
- The email address or phone number that sent the iMessage.
- The date and time that you got the iMessage.
To report SMS and MMS messages, contact your carrier.
I would CC any emails to reportphishing@apple.com as that also sends the email to Apple Cyber Security partner
Security Awareness Training | Email Phishing Security | PhishLabs
