Facts Matter — The Most Sophisticated Apple Scam Attack of 2025

Podcast: Facts Matter
Host: Roman (The Epoch Times)
Date: December 17, 2025

Episode Overview

In this eye-opening episode, Roman dissects what he calls “one of the best, most convincing Apple scams” to date. By reconstructing the real-life account of Eric Morey, a Silicon Valley product manager who nearly lost his Apple account, Roman illustrates how scammers have exploited both psychological manipulation and loopholes in Apple’s own support systems. The episode serves as both a warning and a how-to guide to help listeners recognize and protect themselves from this advanced phishing attack.

Key Discussion Points and Insights

1. Anatomy of the Scam ([00:00]–[10:10])

• Introduction to the Incident:
  Roman introduces Eric Morey, the victim, and references Morey’s detailed written account.

  “This particular scam really has it all. It has a genuine request with a real support ticket coming from Apple themselves ... It’s really good enough to trick even extremely skeptical people.” — Roman [00:10]

• Step-by-Step Breakdown:
  Roman provides a visual timeline of how the scam unfolded:

  • 3:17 pm — The Setup:
    • Eric receives a two-factor authentication (2FA) text message that he didn’t request.
    • Simultaneously, notifications pop up on all his Apple devices.
    • A minute later, an automated phone call (really from Apple’s support line) delivers another 2FA code by voice.
  • 3:18 pm — The First Scam Call:
    • Eric receives a phone call from an Atlanta-based number.
    • Caller (posing as Apple): “Your account is under attack. We're opening a ticket to help you. Someone will contact you shortly.”
    • Call lasts 28 seconds; serves only as a setup for the next call.
  • 3:31 pm — The Second Scam Call:
    • Caller is calm and professional; keeps Eric on the line for 25 minutes, reinforcing credibility.
    • Instructs Eric to check his email for an official Apple support ticket—with a real case number from apple.com.
    • “This gave them massive credibility. Apple's own systems were sending me official emails confirming their case number.” — Eric Morey (as quoted by Roman) [05:11]
    • The scammer has Eric reset his iCloud password, guiding him but never asking for the 2FA code at this stage.

2. The Psychological Hook ([10:10]–[16:45])

• Building Trust and Manipulation:

  • After resetting his password, Eric is told to expect a text with a link to close the case.
  • 3:44 pm: Receives a message with a fraudulent link (appeal-apple.com).
  • Website mimics Apple’s interface, showing genuine-seeming details and asking for verification.

    “It had a field for the case number ... they read me the last four digits ... Everything seemed normal.” — Roman quoting Eric [12:00]

• The Final Move: Harvesting the 2FA Code:

  • On the phishing page, Eric is asked to enter a new Apple validation code, which scammers have just triggered.
  • Eric, convinced by previous steps, enters the code on the fake site.
  • “You would never in a million years do something like that normally. But because of all the little steps they took…” — Roman [14:38]
  • Only after submitting the code does Eric realize something is wrong—he immediately receives an Apple email about a new device (a Mac Mini he does not own) accessing his account.

• Aftermath and Recovery:

  • Eric confronts the caller, questions the suspicious domain.
  • The scammer insists, then abruptly drops the call.
  • Eric quickly resets his iCloud password again, locking out the scammers.

3. How the Scam Works & System Weaknesses ([16:45]–[21:30])

• Critical Flaw in Apple’s System:

  • Anyone can create a support claim in another person's name, generating real case numbers and emails from official Apple addresses.

    “The attackers exploited a critical flaw. Apple support system allows anyone to create legitimate support cases in others’ names. ... Official emails from apple.com domains. Complete credibility using Apple’s own infrastructure.” — Roman [17:09]

• Why Even Experts Fall for It:

  • “Even if you are extremely on guard and you're a skeptical person, this is all very believable.” — Roman [11:45]
  • Layered steps, carefully sequenced, build trust and urgency—an example of advanced social engineering.

4. Prevention and Expert Advice ([21:30]–[27:00])

• Apple’s Guidance:

  “Apple says don’t answer suspicious phone calls or messages claiming to be from Apple. Instead, contact Apple directly through our official support channels. It doesn’t matter the lure; do not take the call.” — Roman [21:50]

• FBI Recommendation:

  “The FBI is very clear on this as well, saying that know that legitimate companies will never call you and offer tech support out of the blue. If you get a call like this, hang up.” — [22:17]

  • Applies to Apple, Google, banks, and any company.

• General Rule:

  • If contacted unexpectedly by “support,” always hang up and reach out via official, published support avenues.

Notable Quotes & Memorable Moments

• On How the Scam Works:

  “This scam is so good. Even if you are extremely on guard and you're a skeptical person, this is all very believable.” — Roman [11:45]

• On the Power of Official-Looking Communication:

  “They actually created a real Apple support case in my name. They had me go to my mailbox and walked me through the case confirmation email verifying that the email sender was legitimate. It checked out.” — Eric Morey, quoted by Roman [04:54]

• On the Psychological Manipulation:

  “This was brilliant psychological manipulation. Each completed check mark built trust. The in progress indicator created urgency. I was watching my account being secured in real time, or so I thought.” — Eric Morey, quoted by Roman [13:40]

• On the Moment of Realization:

  “Seconds after entering that code, an email arrived which made my blood run cold. A device I didn’t own had signed into my account. This wasn’t legitimate. I told the rep who I was still on the phone with. He said it was expected as part of the security process. ... The call dropped.” — Eric Morey, quoted by Roman [15:40]

Important Timestamps

• 00:00–01:30: Introduction, episode purpose
• 03:17 pm ([02:20]): First fake authentication text and notifications
• 03:18 pm ([03:20]): Automated Apple call; first scam phone call
• 03:31 pm ([04:45]): Second scam call with real-time guidance
• 03:32 pm ([05:40]): Official Apple support email received
• 03:44 pm ([10:40]): Fraudulent “case closing” text and phishing link
• 03:47 pm ([15:35]): Realization of the scam, immediate damage control
• 21:50–22:30: Apple and FBI advice on how to avoid such scams

Takeaways & Advice

• Sophisticated phishing attacks can deploy real emails, texts, and phone calls from official sources.
• If you receive a call out of the blue from “Apple Support” (or any company), do not engage—end the call and use the official website or support numbers to verify.
• No legitimate company will ask for your 2FA codes or send you unexpected links to resolve security problems.

This episode is a must-listen for anyone using Apple devices or concerned about personal cybersecurity. As Roman stresses:

“If you remember that as a binary, you’ll be protected from these attacks, whether it’s Apple or Google or a bank or any other organization. Hang up. … call a publicly available support number.” [22:28]

Stay informed. Stay skeptical. And always verify before you trust—even when “Apple” is calling.