Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Phishing attacks have reached a new level of sophistication, as scammers now exploit trusted platforms to deliver malicious content. Recently, a concerning trend has emerged where attackers misuse Apple’s iCloud Calendar invite system, sending phishing messages directly from Apple’s email servers.
This ingenious tactic enables these fraudulent emails to evade spam filters, making them seem more legitimate and trustworthy to unsuspecting recipients. The end goal of this insidious scheme is to manipulate users into calling a scammer’s fraudulent support number, under the guise of disputing a fabricated PayPal transaction. Once a victim makes contact, they are often persuaded to provide remote access to their devices or reveal sensitive personal information.
How Scammers Manipulate Apple’s Infrastructure
The core of this scam relies on the exploitation of Apple’s official infrastructure to give credibility to the phishing attempt. Instead of using an obviously suspicious email address, scammers send calendar invites from Apple’s genuine domain, [email protected], as highlighted by Bleeping Computer.
The phishing message typically resides in the
