Possible to hack an iPhone via phonecall?
December 10, 2019 3:15 PM Subscribe
A friend is insisting that their iPhone has been hacked and would like my help in fixing the issue. I'm not sure this occurred or that his phone has actually been hacked, but listen to the story and tell me what ya think please. ..
My buddy Mike was taking a nap, then awoken by a phone call from himself. The person on the line said it was his phone network provider, saying his account was being suspended and that he'd need to speak to Customer Service immediately. He suspected a phishing attack, but played along, said ok and was put on hold. After about a minute the phone call was terminated.
No strange behavior of the iPhone has been reported, but he's wary of using it now.
I checked his phone call library and there is indeed a phone call from himself, of a minute duration.
My question is this: is it possible to hack a phone over the phone, via a phone call or any other method? Is this a known thing?
My friend is will be reading this thread, so be kind to him, please.
My buddy Mike was taking a nap, then awoken by a phone call from himself. The person on the line said it was his phone network provider, saying his account was being suspended and that he'd need to speak to Customer Service immediately. He suspected a phishing attack, but played along, said ok and was put on hold. After about a minute the phone call was terminated.
No strange behavior of the iPhone has been reported, but he's wary of using it now.
I checked his phone call library and there is indeed a phone call from himself, of a minute duration.
My question is this: is it possible to hack a phone over the phone, via a phone call or any other method? Is this a known thing?
My friend is will be reading this thread, so be kind to him, please.
I get several calls a day from numbers that match my phone number except for the last four digits.
I get several calls a day from numbers that match my phone number including the last four digits.
The short answer to the question posted is "no, this has not happened to this person."
The slightly longer answer is that every year or so someone figures out yet another way to crash an iphone using a weird unicode sequence in a text message, and someday someone's probably going to figure out an exploit around one of these, but that hasn't happened yet, and you shouldn't worry about this.
posted by dmd at 3:24 PM on December 10, 2019 [4 favorites]
I get several calls a day from numbers that match my phone number including the last four digits.
The short answer to the question posted is "no, this has not happened to this person."
The slightly longer answer is that every year or so someone figures out yet another way to crash an iphone using a weird unicode sequence in a text message, and someday someone's probably going to figure out an exploit around one of these, but that hasn't happened yet, and you shouldn't worry about this.
posted by dmd at 3:24 PM on December 10, 2019 [4 favorites]
I've not heard of this being an attack vector but his best bet is just to call customer service directly and ask them if they've reached out.
I do this all the time with strange calls claiming to be businesses I have accounts with. If they ask for any sort of personal information I ask for their number, confirm it online and call them back.
posted by bitdamaged at 3:29 PM on December 10, 2019
I do this all the time with strange calls claiming to be businesses I have accounts with. If they ask for any sort of personal information I ask for their number, confirm it online and call them back.
posted by bitdamaged at 3:29 PM on December 10, 2019
"I've not heard of this being an attack vector but his best bet is just to call customer service directly and ask them if they've reached out."
Don't do this. Do not waste your time. This is a scam using a spoofed phone number.
posted by jonathanhughes at 4:00 PM on December 10, 2019 [8 favorites]
Don't do this. Do not waste your time. This is a scam using a spoofed phone number.
posted by jonathanhughes at 4:00 PM on December 10, 2019 [8 favorites]
Why would your friend think his phone was hacked rather than this being an absolutely standard piece of phone fraud?
posted by Candleman at 4:09 PM on December 10, 2019 [1 favorite]
posted by Candleman at 4:09 PM on December 10, 2019 [1 favorite]
Response by poster: Thanks y'all, his fears have put to rest.
posted by Brandon Blatcher at 5:14 PM on December 10, 2019
posted by Brandon Blatcher at 5:14 PM on December 10, 2019
I am as paranoid as the next person, and I am quite certain that a nation state could probably screw with his phone through a phone call, but I am also a gambler and the chances that the call was from a nation state actor trying to hack into your friend's phone is infinitesimal.*
Like above, this was some sort of scam, but most likely, they just wanted to confirm the number was a live one and now your friend's number will be added to some list that says he is a live one and willing to answer phone. I bet your friend's rate of scam calls goes way up in the next few weeks.
* Unless your friend works for a governmental three letter agency or is privy to state confidential or classified info. Classified like nuclear codes or where Iran keeps their plutonium.
posted by AugustWest at 5:53 PM on December 10, 2019 [1 favorite]
Like above, this was some sort of scam, but most likely, they just wanted to confirm the number was a live one and now your friend's number will be added to some list that says he is a live one and willing to answer phone. I bet your friend's rate of scam calls goes way up in the next few weeks.
* Unless your friend works for a governmental three letter agency or is privy to state confidential or classified info. Classified like nuclear codes or where Iran keeps their plutonium.
posted by AugustWest at 5:53 PM on December 10, 2019 [1 favorite]
Your friend should consider freezing his credit and setting up 2-factor authentication on as many important services as he can. This is the concerning part for me:
posted by tybstar at 9:33 AM on December 11, 2019
...played along, said ok and was put on hold. After about a minute the phone call was terminated.Now the scammers have an audio recording of your friend agreeing to anything the scammers want. A detailed discussion of the problem can be found here.
posted by tybstar at 9:33 AM on December 11, 2019
If you read that entire article, you can see that there's substantial skepticism about whether this ever actually happens, as it's just not that useful in most circumstances (in circumstances where no one's checking, it's just as easy to fake a "yes"; in circumstances where they are, the voice recording won't be good for that much).
posted by praemunire at 11:51 AM on December 11, 2019
posted by praemunire at 11:51 AM on December 11, 2019
This thread is closed to new comments.
I will leave detailed technical answers to those better qualified to give them, but what most likely happened here is that someone was going to run a tech-support scam on your friend (requesting either money or personal info to "unfreeze" his account or something) and the call got dropped.
Dear friend, please stop answering calls from weird numbers and "playing along" with suspected scammers. It will save you much anxiety.
posted by praemunire at 3:22 PM on December 10, 2019 [12 favorites]