iPhone users in France are being targeted by a new telephone scam that uses fake security alerts to steal personal data [1].
This scheme is significant because it leverages fear and the perceived security of the iOS ecosystem to deceive users into compromising their own privacy. By mimicking system warnings, attackers can bypass a user's natural caution toward suspicious links or calls.
The scam operates by displaying a fraudulent message to the victim stating, "your phone has detected a telephone tap" [1]. This alert is designed to create a sense of urgency and alarm, leading the user to believe their device has been compromised by illegal surveillance [1].
Once the victim is convinced their privacy is at risk, the fraudsters attempt to guide them through a fake resolution process. During this interaction, the attackers seek to elicit sensitive personal information [1]. This method of social engineering relies on the victim's desire to secure their device to facilitate the theft of data [1].
Security experts said these messages are not legitimate system alerts from Apple. The goal is purely to mislead the user into providing information that can be used for further identity theft, or financial fraud [1]. Users are encouraged to remain vigilant and avoid interacting with unexpected prompts that request personal details, or claim to have detected security breaches during a call [1].
“Your phone has detected a telephone tap”
This scam represents a shift toward high-pressure social engineering that targets specific hardware demographics. By fabricating a technical threat—such as an illegal wiretap—attackers exploit the psychological vulnerability of users who trust their device's internal security notifications, making the fraud more effective than traditional phishing emails.
