Beware “iCloud Breach” Phone Scam

posted in: June 2018 | 0

23 comments

Beware “iCloud Breach” Phone Scam

TidBITS reader David Brugger has alerted us to a new phone scam targeted at Apple users. The automated message claims to be from “Apple Support Care” and warns that your iCloud account has been breached and that you should stop going online. It then tells you to press 1 to be connected to Apple Support. Yeah, right, that’s going to happen.

Needless to say, this is just another form of the classic tech support scam, and if you get such a call, hang up immediately. (To hear what happens if you respond, and then take it to the logical extreme, check out “Turning the Tables on a Tech Support Scammer,” 19 September 2017.) Others have reported this scam on the Apple Support Communities as well.

The best defense against this sort of intrusion is carrier-level call blocking, since then the spam calls never even make it to your iPhone. AT&T offers the AT&T Call Protect app and service, which is based on the Hiya crowd-sourced database of known bad numbers, and T-Mobile offers Scam Block. Both are reportedly quite good, and you must sign up for them manually.

AT&T Call Protect identifying a call and showing activity
AT&T Call Protect identifying a suspect spam call and showing call log activity.

For those on other cellular networks, there are a variety of call-blocking apps that integrate with the call-blocking capabilities of iOS 10 and up. These can identify calls as coming from spammers or even block them right off, based on information from crowd-sourced databases. This approach works better than blocking the numbers manually yourself, since spammers are unlikely to use the same number twice when calling you, but they do reuse numbers across multiple people. So if five or ten people report a particular number as bad and then it’s used to call you, these apps can know to identify or block the call.

Although I’ve just switched to AT&T Call Protect, I previously used the roughly similar Hiya and Mr. Number, which come from the same company and are free with premium add-ons for $14.99 per year. They’re not perfect but are distinctly helpful in identifying and blocking phone spam. Alternatives include Truecaller (ad-supported or $17.99 per year) and Robokiller ($24.99 per year).

Once you install one of these apps from the App Store, it appears in Settings > Phone > Call Blocking and Identification for you to enable.

Call Blocking settings in iOS

If you have particularly good or bad experiences with one or more of the call-blocking apps, let us know in the comments since they’re difficult to compare in real-world tests.