September 18, 2024
As Apple prepares to launch the iPhone 16, cybercriminals are already exploiting the hype with scams targeting eager fans. Widely regarded as the most anticipated tech event of the year, the release has fans poised to acquire the latest high-tech gadget. However, Kaspersky researchers have discovered that threat actors are luring users with fake pre-orders, early-adopter offers, and bogus technical support—all packaged in convincing websites that lead only to financial losses and disappointment.
The new iPhone 16 is set to be unveiled during the “Glowtime” event on Monday, September 9, 2024, with official invites for the event sent out in August. If tradition holds, the devices are expected to hit stores on Friday, September 20th. Anticipated enhancements include AI-powered capabilities, revamped hardware, larger screens, sleeker frames, and a range of new colors. Rumors surrounding the latest device began circulating over the summer, giving cybercriminals an early warning.
As the event approaches, researchers at Kaspersky have discovered fraudulent activity surrounding the launch. One common scam used by the threat actors offers early adopters the chance to pre-order the latest iPhone with a nearly 40% discount. Victims are directed to a slick website showcasing shiny new iPhones, enticing them with the promise to “be among the first to enjoy cutting-edge technology.” Once they click through, they’re asked for their billing and shipping information, with the option to pay via PayPal. A fake invoice is generated upon clicking ‘add to cart’ or ‘buy,’ factoring in tax and shipping, and even offering “free shipping” for orders over $1,000—how generous!
Once the payment is submitted, victims soon realize the money has disappeared from their account, but no iPhone is delivered. Even more concerning, the fraudsters now possess their personal information, which can be sold on the dark web.
Another scam found by Kaspersky’s experts is an offer for iPhone technical support which would enable them to update their mobile device. The fake site, which is in Spanish, so presumably aimed at Latin American users, also purports to take them through to a page where they can report the phone’s loss or theft, and another to help them find their device. Finally, at the bottom victims are also given the option to reach a repair service. In return, all the page asks is to sign in with your Apple ID (a page which is strangely in English).
Although filling in just one credential might not seem significant, iPhone users understand that if someone steals your Apple ID, they essentially hold the keys to your digital kingdom. Fraudsters can access your personal details—such as your name, email address, and more—and sell them on the dark web. They can also infiltrate your iCloud account, gaining access to your photos, documents, and device backups. Even more concerning, they can make unauthorized purchases using your ID, view your account balance, and take money from your Apple Wallet. Worst of all, your device can be locked and held for ransom.
“As with most new technological releases, the launch of the iPhone 16 has generated massive excitement. Cybercriminals are quick to exploit this hype, so it’s precisely at times like these that consumers should be extra vigilant. When making new purchases, stick to official channels, be skeptical of deals that seem too good to be true, and always verify URLs before sharing any personal information. Scammers are counting on eager fans letting their guard down, so vigilance is key,” says Olga Svistunova, security expert at Kaspersky.
To avoid falling victim to scams like these, Kaspersky experts recommend: