A malicious operation has been uncovered, targeting Mac users searching for AppleCare+ support or extended warranty services. Scammers are purchasing Google ads to direct victims to fake websites hosted on GitHub, where they impersonate Apple representatives. Through social engineering tactics, these fraudsters deceive users into giving them money.
The Scam Unveiled: Inside the Deceptive Tactics
The scam is initiated when users search for Apple support online. Leveraging a lucrative deal where Google, reportedly paying Apple $20 billion to remain the default search engine, prominently displays ads in Safari. These “Sponsored” ads often appear above authentic Apple contact information, with multiple fraudulent ads sometimes shown before any legitimate results.
When users click on these misleading ads, they are taken to a counterfeit AppleCare+ support page, which prompts them to call a toll-free number falsely claiming to be Apple. Instead, they are connected to scammers working from overseas call centers. These fake support pages, hosted on GitHub as standalone HTML templates, mimic Apple’s branding to appear authentic.
GitHub : Platform Exploited for Fraudulent Schemes
Scammers have set up multiple GitHub accounts, each hosting repositories with deceptive templates that imitate Apple’s branding. GitHub’s commit history shows that scammers can quickly change phone numbers if they are reported and blocked. Notably, these fraudulent pages feature a code called “autoDial,” which automatically opens the phone dialer, minimizing the steps victims need to take to contact the scammers pretending to be Apple representatives.
GitHub has addressed the problem by removing the reported malicious accounts. Nonetheless, the scammers’ ability to quickly set up new accounts and create fresh templates continues to be a persistent challenge.
Dangers and Implications for Victims
Malwarebytes reports highlight the severe dangers of this scam, which combines deceptive Google ads with highly convincing fake websites. Scammers exploit the trust users place in Apple’s brand, tricking them into believing they are interacting with legitimate support agents.
Victims face significant financial risks, with potential losses ranging from hundreds to thousands of dollars. Scammers often instruct victims to withdraw funds from their bank accounts and transfer them through various channels.
In some instances, fraudsters also solicit sensitive personal information, such as names, addresses, social security numbers, and banking details. This information can be used for further fraudulent activities, including identity theft and blackmail.
Author : Anuradha Ranaweera – Information Security Engineer