ECONOMY & WORK
MONEY 101
NEWS
PERSONAL FINANCE
NET WORTH
About Us Contact Us Privacy Policy Terms of Use DMCA Opt-out of personalized ads
© Copyright 2023 Market Realist. Market Realist is a registered trademark. All Rights Reserved. People may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.
MARKETREALIST.COM / NEWS

Scammers Made $400K in 2 Years Exploiting Apple’s ‘Someone Else Picks It Up’ Feature

Since 2021, Apple has been sending out identical alerts to people in over 150 countries, indicating that the threat is real and persistent.
PUBLISHED APR 22, 2024
Cover Image Source: The Apple company logo hangs above an Apple retail store| Photo by Scott Olson | Getty Images
Cover Image Source: The Apple company logo hangs above an Apple retail store| Photo by Scott Olson | Getty Images

Experts at a cybersecurity conference raised concerns about a feature on the Apple Store Online called 'Someone else picks it up.' Scammers exploited this feature and made off with more than $400,000 in just two years.

Image Source: Apple phones on display in an Apple store | Photo by Joe Raedle | Getty Images
Apple phones on display in an Apple store | Photo by Joe Raedle | Getty Images

In September 2022, researchers Gyuyeon Kim and Hyunho Cho of the Financial Security Institute of South Korea learned about many significant cyberattacks on more than fifty popular online retailers. Numerous instances of compromised sensitive information were made evident by these attacks. Without being discovered, the fraudsters were able to manipulate these online retailers' payment sites. Together with genuine transactions, they diverted credit card numbers and personal information to their servers.

If you allow someone else—a friend or family member—to pick up your online order at an Apple Store and present them with proof of purchase, you have the choice to do so. Therefore, scammers obtained credit card information that had been stolen. Using these cards, they would make online purchases of Apple devices, designating certain individuals from thrift stores as authorized pick-up recipients. As an illustration, suppose they used the stolen card to pay only $800 for the $1,000 iPhone. Following the pickup of the iPhone by the employee of the thrift store, the con artists would keep the $800 that the victim had paid.

Image Source: Attendees look at brand new Apple products during an Apple event | Photo by Justin Sullivan/Getty Images
Image Source: Attendees look at brand new Apple products during an Apple event | Photo by Justin Sullivan/Getty Images

The research group called the Apple store scam "Poisoned Apple." Based on hints such as purchasing a domain name from a Chinese ISP, they believe the offenders are Chinese. On the dark web, they came across material written in simplified Chinese that was linked to an email address that had been inadvertently left in the source code. The entire operation was discovered by the researchers when they came across a web server running software that the thieves were using to gather stolen data. The offenders' IP address was revealed by configuration errors even though they were hiding behind several layers of IP addresses utilizing Cloudflare's content delivery networks.

Apple has alerted iPhone customers in 92 countries to possible harmful threats. The potential of mercenary malware attacks was brought to light by this advisory, which was issued in early April. The business underlined how severe the situation is and said that these attacks probably target particular people because of who they are or what they do. Apple has been alerting customers about this vulnerability for a long time; since 2021, they have been sending out identical alerts to people in over 150 countries. This indicates that the threat is real and persistent.

Image Source: Customers try out the new iPhone 15 at an Apple store| Photo by Lintao Zhang | Getty Images
Customers try out the new iPhone 15 at an Apple store| Photo by Lintao Zhang | Getty Images

These are extremely sophisticated attacks, especially the ones that use the NSO Group's Pegasus spyware. An Israeli business called NSO specializes in remote iPhone hacking. A US judge decided in Meta's favor in March 2024, ordering NSO to turn over its Pegasus code. Pegasus malware can take over a mobile device and use it to send and receive messages, make calls, and steal personal data. These attacks frequently linked to governmental or corporate groups call for substantial resources and specially designed strategies for certain targets.

MORE ON MARKET REALIST
Taylor never knew he had won because the slot machine had malfunctioned.
3 hours ago
Dwyane 'the Rock' Johnson said that his friend's actions changed the course of his life.
12 hours ago
The Texas inventor pitched a generator named after him on the third season of Shark Tank.
1 day ago
Despite putting the contestant in an awkward position the host did get the audience to laugh.
1 day ago
Although fans have admired his energy on the episode for years, Paul revealed why he wasn't too happy.
1 day ago
It took more than a decade and an amazing invention for Les Cookson to secure a deal on Shark Tank.
1 day ago
The contestant was also defended by some who said they would've made the same mistake.
2 days ago
While the item received a record-breaking appraisal, a flaw prevented its value from going higher.
2 days ago
She has starred in classic films such as "Sixteen Candles", "The Lost Boys", and "Twister".
3 days ago
What is Judy Sheindlin’s salary per episode? Here’s what we know about the TV judge and her new IMDb TV show, ‘Judy Justice.’
3 days ago
Sajak was criticized by fans on the internet but the contestant clarified that it was just for fun.
3 days ago
Danielle Perez had gone viral after talking about the awkward moment on "The Price is Right" on social media.
4 days ago
The singer also got Malone's number but is only focusing on sharing his work with him for now.
4 days ago
The incident did not bring down the woman's excitement as she kept jumping on stage.
4 days ago
The guest had no idea whose face was engraved on the top of the box and how much it cost.
5 days ago
The young entrepreneur saw a common problem kids his age faced and came up with an invention.
5 days ago
It was a gift from the father of his first client to whom he had sold a condo.
5 days ago
The singer wanted to celebrate his journey by sending fans to the place linked to his early days.
5 days ago
Wait till you hear the list of weird prizes that 'Price is Right' gave in the '50s.
6 days ago
The bottled water from the popular retailer has nanoplastic particles more than the firm's limits.
6 days ago