Phishing scams are actually rather common, although for the most part if you use email services like Gmail, Google’s spam filter does a pretty good job at filtering them out. However not all phishing scams come via email, some are sent via text message, and in this particular case, was made via a phone call.
According to a report from Krebs On Security, it talks about an incident that happened with a certain Jody Westby who is the CEO of Global Cyber Risk, a security consulting firm. What happened was that one day Westby received an automated call on her iPhone informing her that multiple services contain Apple IDs have been compromised, and that she needed to call a 1-866 number before doing anything else on her phone.
What was scary about this call was that on the caller ID, it showed Apple’s name, it listed Apple’s website, and even the company’s main office in its address, all of which were presumably to trick anyone looking at it into thinking that this is a legitimate call from Apple themselves.
Westby then decided to make sure it was really them by going to Apple’s website and requesting that a customer support person call her back. Now Westby already knew that this was scam, but it was shocking to see that the callback she received was from the same number that was used in the previous automated call. The Apple agent told her that Apple had not contacted her and that it was almost certainly a scam where the scammer most likely spoofed Apple’s number.
So if this does happen to you, your best bet would be to get a double confirmation from Apple themselves to ensure that you aren’t being tricked. Another good tip is that usually these companies never ask for your login or password information, so if they do, then maybe you should delete that email or hang up the phone.