https://krebsonsecurity.com/2025/01/a-day-in-the-life-of-a-prolific-voice-phishing-crew/
A new report reveals how sophisticated voice phishing gangs are exploiting legitimate services from Apple and Google to steal millions from cryptocurrency investors. These groups, operating within secretive online communities, utilise advanced social engineering techniques and exploit vulnerabilities in security measures.
One key tactic involves abusing Apple’s support line. By spoofing the victim’s phone number, attackers can initiate a call to Apple support and request a notification to be sent to all the victim’s Apple devices. This seemingly legitimate notification, which appears to originate from Apple, builds trust and allows the attackers to guide the victim through a series of steps, ultimately leading them to a fraudulent website where they enter their login credentials.
These groups meticulously research their targets, leveraging data brokers to gather personal information and identify high-value individuals. They employ sophisticated tools and techniques, including “autodoxers” that automate data collection and verification, to refine their target lists and increase their chances of success.
The internal dynamics of these groups are characterised by a precarious balance of collaboration and betrayal. Members often compete for rewards, leading to internal conflicts and the rapid dissolution of groups. This volatile environment creates a constant churn, with new groups forming and disbanding frequently.
While companies like Apple are taking steps to enhance security measures, the sophistication of these attacks continues to evolve. This highlights the urgent need for increased vigilance and a multifaceted approach to combatting these sophisticated cyber threats.