Fraud ring that resold customers’ Apple data busted by Chinese police

20 of the culprits worked for the tech giant.

David bisson
David Bisson
@

Fraud ring that resold customers' Apple data busted by Chinese police

Chinese authorities have busted up a fraud ring accused of stealing customers’ Apple information and selling it online.

On 7 June, police in the southern province of Zhejiang published a statement disclosing the arrest of 22 persons who are believed to have violated users’ privacy by illegally obtaining and selling their data. Those suspects gathered up customers’ names, addresses, Apple IDs, and other information. They then resold those details online, sometimes for as little as 10 yuan (US $1.50) apiece, as part of a scam worth 50 million yuan (US $7.36 million).

Little is currently known about the victims of the fraudsters. For instance, it’s unclear whether the scammers targeted Apple users based in China or the United States.

Sign up to our free newsletter.
Security news, advice, and tips.

But we do know a bit about the attackers. Of the 22 persons who perpetrated the theft, 20 worked as employees at a “domestic direct sales company and outsourcing company,” reports South China Morning Post. Additionally, all 22 suspects entered into police custody as a result of raids that targeted four Chinese provinces: Guangdong, Jiangsu, Zhejiang, and Fujian. The authorities seized “criminal tools” in the process.

By no means is this the first time attackers have targeted customers’ Apple IDs. In spring 2016, fraudsters acting under the umbrella of an entity called “AppleInc” falsely warned Apple users via SMS text that they needed to confirm their Apple IDs in order to prevent them from expiring. Of course, these mobile messages were phishes that all led to a convincing albeit nonetheless fake Apple sign-in page.

Apple id sms phishing

Nefarious individuals can do all sorts of things with stolen Apple IDs. On the one hand, they can monetize them like the suspects did by selling them on the dark web, or they can extort affected users for ransom in return for their data. On the other hand, they can leverage those IDs to gain access to users’ personal documents and emails, which they can then use to potentially steal financial information and/or conduct secondary attacks.

Given the threats involved, users should protect their Apple accounts with two-step verification. Doing so will prevent unauthorized parties from successfully abusing their Apple ID accounts. At the same time, Apple should examine its supply chain security in order to improve the depth and frequency of employee vetting, and it should look over its employee security awareness training to focus specifically on insider threats.


David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Tripwire's "The State of Security" blog.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.