iPhone Users Warned of New Hybrid Cyber Threat by MHA
The Sophisticated Phishing Campaign Targeting Apple iPhone Users
The National Cybercrime Threat Analytics Unit (NCTAU) has issued an advisory regarding a sophisticated phishing campaign that targets Apple iPhone users who have lost their devices or had them stolen.
- The scammers send fake Apple Support and Find My iPhone messages via SMS, attempting to trick victims into revealing their Apple ID credentials and one-time passwords (OTPs).
- These messages are designed to appear urgent and trustworthy, leveraging the victim’s anxiety and reliance on Apple’s reputation for security.
- The scammers’ goal is to harvest the victim’s Apple ID credentials and use them to access the associated iCloud account, remove the device from the Apple ID, and potentially sell or reuse the stolen phone.
- This campaign is notable for its tailored approach: it exploits the victim’s emotional state at a time of crisis.
- The scammers utilize a combination of tactics, including urgency, familiarity, and social engineering, to manipulate the victim into divulging sensitive information.
“The scammers select the target based on a recent report of a lost or stolen device, then send a phishing SMS with a link to a fake Apple Support or iCloud login page,” according to the NCTAU advisory.
Mitigation Measures
The NCTAU advises iPhone users to exercise extreme caution when dealing with unsolicited SMS messages related to lost or stolen devices:
- Manually verify any URLs before entering sensitive information.
- Avoid clicking links received via unsolicited messages.
- Navigate directly to the “Find My” webpage using the official iCloud address.
Precautions
To further safeguard against this type of attack, users should:
- Keep “Find My iPhone” active for misplaced devices.
- Avoid entering OTPs or two-factor authentication codes on unverified websites.
- Refrain from sharing such codes with others.
- Use strong passwords and enable two-factor authentication.
- Regularly update devices.
Reporting Incidents
In India, individuals can report lost or stolen mobile phones for blocking through the CEIR portal, while phishing attempts and cybercrime incidents should be reported promptly at the national cybercrime reporting portal or by contacting the authorities.
