Beware Mac Users: Fake AppleCare+ Support Scam Lures Victims via GitHub Repos
A new fraudulent campaign targeting Mac users seeking AppleCare+ support or extended warranties has been uncovered by cybersecurity experts at Malwarebytes. The scammers are using a combination of purchased Google ads and fake pages hosted on GitHub to deceive victims into handing over money or personal information.
The attackers purchase Google ads that appear to be legitimate links to AppleCare+ support pages. However, these ads lead to counterfeit pages hosted on GitHub. These pages closely mimic the official AppleCare+ site, using Apple’s logos and design aesthetics to create a sense of authenticity.
The scammers then employ a unique tactic: a pop-up window on the fake pages that automatically dials a phone number. This makes it extremely easy for the victim to connect with a fraudulent “Apple representative” in just two clicks. These “representatives” are, in fact, call center operators trained in social engineering techniques. They will try to persuade the victim to provide payment information or sensitive personal data.
The scammers exploit the trust that many users place in Google ads, leading them to believe that these fake pages are legitimate. The use of Apple’s branding further reinforces this false sense of security. To evade detection and blocking, the phone numbers on these pages are frequently changed, making it difficult for authorities to track the operation.
Image: Malwarebytes
The primary risk for victims is financial loss. The scammers often request that victims transfer large sums of money from their bank accounts through various methods. In some cases, the fraudsters also collect personal information, such as addresses, social security numbers, and banking details, which can be used for identity theft or sold on the dark web.
Experts advise Mac users to exercise caution when seeking phone or online support, especially for well-known brands like Apple. Even when clicking on sponsored search results, there is a risk of landing on counterfeit websites. Be wary of any unsolicited contact from “Apple representatives” and never provide personal or financial information unless you are absolutely certain that you are dealing with a legitimate Apple support agent.
