Published on July 14, 2026
Warning: Scammers are using FaceTime to empty bank accounts
Severity
Medium
Apple has issued a warning to iPhone and iPad users about increasing scam attempts involving suspicious FaceTime calls, messages, and emails. Attackers are impersonating trusted organizations, including Apple Support and financial institutions, to trick users into revealing sensitive information such as Apple ID credentials, banking details, payment information, and one-time verification codes.
The warning is part of Apple’s guidance on preventing social engineering attacks, where attackers manipulate victims through trust and urgency rather than relying on malware. These scams often involve fake account alerts, refund notifications, password reset requests, or claims of fraudulent activity to convince users that immediate action is required.
Recent campaigns have shown that attackers are combining social engineering techniques with known software vulnerabilities. While social engineering is used to obtain credentials or sensitive information, unpatched vulnerabilities may allow attackers to further compromise devices. This combination increases the risk of account takeover, data theft, and unauthorized access.
How?
The attack typically begins with an unexpected FaceTime call, phone call, text message, or email that appears to originate from a legitimate organization. Attackers may use Apple-related branding, caller ID spoofing, or convincing messages to create a sense of trust.
During the interaction, attackers commonly use the following techniques:
- Claiming that suspicious activity, unauthorized transactions, or technical issues have been detected on the victim’s account.
- Requesting users to verify sensitive information, including credit card details, banking credentials, Apple ID passwords, or authentication codes.
- Asking victims to install remote access applications that allow attackers to control or monitor the device.
- Creating urgency by threatening account suspension, financial loss, or security risks if the user does not respond immediately.
Unlike traditional malware attacks, these scams do not require malicious software to compromise the device. Instead, attackers exploit human trust by impersonating familiar brands and using real-time communication channels such as FaceTime to appear more legitimate. Attackers may also combine these scams with technical exploits. For example, stolen credentials obtained through social engineering can be used alongside browser or operating system vulnerabilities to gain further access to user accounts or devices.
Recommendations
Users should treat unexpected FaceTime calls, messages, and emails requesting personal information, payments, refunds, or account verification as suspicious. Legitimate organizations, including Apple and financial institutions, will not request passwords, authentication codes, or sensitive information through unsolicited contact.
Users are advised to:
- Avoid responding to unexpected calls or messages claiming to be from Apple Support, banks, or other trusted organizations.
- Never share passwords, verification codes, banking details, or personal information through unverified communication channels.
- Contact organizations directly using official websites, applications, or verified customer support numbers instead of using contact details provided in suspicious messages.
- Keep iPhones and iPads updated with the latest iOS or iPadOS versions to ensure security patches are applied.
- Enable automatic updates to ensure critical security fixes are installed as soon as they become available.
- Use security solutions with real-time protection and scam detection capabilities where appropriate.
Suspicious FaceTime calls that appear to impersonate financial institutions or trusted organizations should be reported to Apple through its official reporting channel.
To check for available updates:
Settings -> General -> Software Update
Source
