September 18, 2024
As Apple prepares to launch the iPhone 16, cybercriminals are already exploiting the hype with scams targeting eager fans. Widely regarded as the most anticipated tech event of the year, the release has fans poised to acquire the latest high-tech gadget. However, Kaspersky researchers have discovered that threat actors are luring users with fake pre-orders, early-adopter offers, and bogus technical support—all packaged in convincing websites that lead only to financial losses and disappointment.
The new iPhone 16 is set to be unveiled during the “Glowtime” event on Monday, September 9, 2024, with official invites for the event sent out in August. If tradition holds, the devices are expected to hit stores on Friday, September 20th. Anticipated enhancements include AI-powered capabilities, revamped hardware, larger screens, sleeker frames, and a range of new colors. Rumors surrounding the latest device began circulating over the summer, giving cybercriminals an early warning.
As the event approaches, researchers at Kaspersky have discovered fraudulent activity surrounding the launch. One common scam used by the threat actors offers early adopters the chance to pre-order the latest iPhone with a nearly 40% discount. Victims are directed to a slick website showcasing shiny new iPhones, enticing them with the promise to “be among the first to enjoy cutting-edge technology.” Once they click through, they’re asked for their billing and shipping information, with the option to pay via PayPal. A fake invoice is generated upon clicking ‘add to cart’ or ‘buy,’ factoring in tax and shipping, and even offering “free shipping” for orders over $1,000—how generous!
Once the payment is submitted, victims soon realize the money has disappeared from their account, but no iPhone is delivered. Even more concerning, the fraudsters now possess their personal information, which can be sold on the dark web.
Another scam found by Kaspersky’s experts is an offer for iPhone technical support which would enable them to update their mobile device. The fake site, which is in Spanish, so presumably aimed at Latin American users, also purports to take them through to a page where they can report the phone’s loss or theft, and another to help them find their device. Finally, at the bottom victims are also given the option to reach a repair service. In return, all the page asks is to sign in with your Apple ID (a page which is strangely in English).
Although filling in just one credential might not seem significant, iPhone users understand that if someone steals your Apple ID, they essentially hold the keys to your digital kingdom. Fraudsters can access your personal details—such as your name, email address, and more—and sell them on the dark web. They can also infiltrate your iCloud account, gaining access to your photos, documents, and device backups. Even more concerning, they can make unauthorized purchases using your ID, view your account balance, and take money from your Apple Wallet. Worst of all, your device can be locked and held for ransom.
“As with most new technological releases, the launch of the iPhone 16 has generated massive excitement. Cybercriminals are quick to exploit this hype, so it’s precisely at times like these that consumers should be extra vigilant. When making new purchases, stick to official channels, be skeptical of deals that seem too good to be true, and always verify URLs before sharing any personal information. Scammers are counting on eager fans letting their guard down, so vigilance is key,” says Olga Svistunova, security expert at Kaspersky.
To avoid falling victim to scams like these, Kaspersky experts recommend:
- Stick to official channels: Only purchase or pre-order the iPhone 16 through official retailers like Apple’s website or trusted partners. Avoid clicking on links from unfamiliar websites or promotional emails, no matter how attractive the deal.
- Be skeptical of deals that seem too good to be true: Cybercriminals often lure people in with offers of huge discounts or early access. If an offer seems too good to be true—such as a 40% discount or exclusive pre-order access—it’s likely a scam.
- Double-check URLs and email addresses: Scammers often create fake websites that look nearly identical to legitimate ones. Always verify that the URL starts with “https://” and matches the official Apple domain. Similarly, be cautious of emails from unofficial-looking addresses.
- Don’t share personal information: Be wary of any website or email asking for sensitive information like your credit card details, personal identification numbers, or Apple ID password. Apple will never ask for this kind of information via unsolicited emails or links.
- Enable Two-Factor Authentication (2FA): Safeguard your online accounts, especially those linked to payment methods, with 2FA. This extra layer of security makes it harder for scammers to access your personal information.
- Verify pre-order news: If you hear about a special offer or pre-order deal, confirm it on Apple’s official website or news channels.
- Keep an eye on your device’s activity and report suspicious transactions: If you receive a questionable email, report it to Apple or the appropriate authorities.
- Report questionable offers: If you come across a suspicious website or phishing email, report it to Apple. This can help protect other users from falling for a scam.
- Use a trusted security Solution: An automated security solution, like Kaspersky Premium, will protect you from all known and unknown scams.
- Stay Informed: Stay current on common scams and cybersecurity best practices