The State Duma has warned of a new wave of fraud targeting owners of Apple devices. Attackers are masquerading as tech support staff and spreading phishing messages through mobile games, gaming communities, YouTube, Discord, and Telegram. The goal is to trick the victim into logging out of their own iCloud account and logging into an Apple ID controlled by the criminals.
According to Anton Nemkin, a member of the State Duma Committee on Information Policy, the attacks are not related to technical hacking: the attackers rely exclusively on social engineering methods. Users are allegedly required to perform an "urgent update", "verify their account" or "fix an error" to avoid blocking their game profile. Children are especially vulnerable - they often hide information about such requirements for fear of losing in-game progress.
After logging into a fake Apple ID, scammers gain full control of the device through the "Find My iPhone" feature and can remotely lock the smartphone, denying the owner access to their data.
Nemkin emphasized that neither Apple nor game developers ever ask users to leave their iCloud account. As protection, it is recommended to enable two-factor authentication, use the "Screen Time" function to control children's activity, and regularly discuss the risks of online fraud with them. Raising awareness, he said, is a key way to reduce the effectiveness of such schemes.
Read more on this topic:
- Ministry of Digital Development promised to apply "tough measures" against Apple if the IT giant does not meet the requirements of the FAS
- Foreign cards stopped being linked to Apple Pay on iPhones from Russia
- Sberbank has returned contactless payment using iPhone: the "Vzhuh" technology works similarly to Apple Pay