FullMotionVideo t1_j3ekju3 wrote
iPhones have basically no real attack vector, since all software available for the thing is curated by Apple to look for malware. To put it in a way a Linux user would appreciate, unless you're the kind of person who runs Arch or Gentoo, you're not going to be running unsigned code on the phone. All the software on the device has been approved by Apple before it was ever given a signature and allowed to be downloaded.
A number of older models can be deliberately jailbroken to run unsigned code, but you have to be one of those enthusiasts I just mentioned. She also maybe could in theory join a beta test group on TestFlight (the pre-release public testing platform) that would run malware that hadn't been submitted to Apple, but that's very unlikely.
This is a device state agencies are using and their enemies are trying to hack into. Some script kiddie targeting a wide range of people like your Mom is not going to be hacked. What is more likely to happen is she falls for a phishing attempt and people get ahold of her credit cards or personal data by pretending to be Amazon, Comcast, etc.
myfufu OP t1_j3elvtw wrote
Yep. I'm 100% sure that's what happened. But somehow she gets a new CC and within 24 hours the number is on the street and being run again. She even changed banks and the same thing happened. As soon as the number gets entered in one of her iDevices, it's out there.
thursdayfern t1_j3esqaf wrote
Where is your mother entering in her credit card details?
Adding the card to wallet? Saving the card details to safari auto fill? PayPal? Just using the card on an online store?
SomegalInCa t1_j3f2nrs wrote
Yeah good questions- likely hood of phone etc being hacked so much lower than a phishing attack
Have you checked the browser on computer for a keyboard sniffer?
myfufu OP t1_j3f8e1r wrote
There was a suspicious looking pay "ad-blocker" app that I removed; otherwise no extensions on any of the browsers as far as I can tell.
SomegalInCa t1_j3f8h3q wrote
Worth googling it to see what others say
myfufu OP t1_j3gyp3f wrote
Reviews made it seem legit, but I remain skeptical. Thanks for the thought though.
myfufu OP t1_j3f89cb wrote
Great questions. Pretty sure she had it in the Apple Pay for whatever reason. Yes to wallet, I think. No to autofill and Paypal. Yes to online shopping. But suspicious charges have shown up with a new card on like, the second day when she's only been grocery shopping. It's flippin' weird.
The other concern is her online banking. We have changed her bank account password and I basically told her she's not allowed to look at her account on these devices until I get them wiped.
myfufu OP t1_j3es9sf wrote
Not sure why the downvote, I'm reporting what happened.
TheOneInTheHat t1_j3fxo81 wrote
Is there a chance someone has spoofed her SIM card and is intercepting information. It’s unlikely that the data is being leaked from the iPhone side.
https://www.certosoftware.com/insights/how-to-tell-if-your-sim-has-been-cloned-or-hacked/
myfufu OP t1_j3gys1v wrote
Plausible, but she doesn't access her bank account from the phone, only the imac.
Viewing a single comment thread. View all comments