RE: https://mastodon.social/@jagsworkshop/116288326042688247

The first rule of Apple support: Apple will never call you first.

Also: Use a password manager. If you inadvertently click a link that asks for your login credentials, and your password manager doesn’t fill them in, *proceed with caution*. It's not foolproof, but it’s a good backstop against fraudulent domains.

@JasonAnthonyGuy I have gotten unexpected calls from Apple's developer relations, Apple's business manager team, Apple retail business and executive relations. I have also gotten calls from friends of friends at Apple. I always have something in flight so not sure if I could tell what "first" is.

@tperfitt Unexpected as in timing, or as in unrelated to something in flight?

(Importantly, I expect none of these calls are asking you to visit or click on a random link?)

What's your validation process when you get those calls?

@JasonAnthonyGuy Timing is also problematic. I have been told multiple times that someone from (app approval | MFI | business verification | etc) will be calling but it might be days or 2 weeks before they call. During that time, I could get a call that sounds related but is a scam.

Now that I think about it, getting a list of iOS app devs and calling them and saying that I am from app review about their app in review would probably be pretty successful.

@tperfitt I think if you start from the premise that “Apple will never call first,” you can go into a call with “Apple” with a heightened sense of skepticism that can help protect against being scammed.

And yeah, developers are a vulnerable cohort. I would expect someone from App Review (to use your example) to give enough context to make it clear they're legit, and those calls won't include being asked to log into a site they text or email.

Even so, we all have to be hyper-vigilant.

@JasonAnthonyGuy I used to think I was sophisticated enough and had a good spidey sense, but came very close to falling for a few scams.

@JasonAnthonyGuy We had one where someone purchased $3k of hardware from us and we had the money deposited into our bank account. They wrote and said that project was on hold and not to ship yet. Then they said they needed 1/2 and to refund 1/2.

Turns out that ACH is a "promise" to deposit and money was pulled back after 7-10 days. They insisted we wire refund to them. I thought it was legit but wanted to slow walk it and delayed a week. Then their scam fell apart and we never heard from them.

@tperfitt Oh, yeah, I've heard of those ACH scams. I remember reading that insistence on refunds via a different form is a huge red flag.

Glad you avoided that one.

@JasonAnthonyGuy Like the "Apple never calls first" rule, I thought "money in the bank" was a solid rule. It was not.

@tperfitt I am extremely paranoid. I assume every call and email is an attempt to scam me.