Tag Archives: Apple

Gone (Almost) Phishin’

This is a little embarrassing to share, but I’d rather someone else be able to spot a dangerous scam before they fall for it. So, here goes.

One evening last month, my Apple Watch, iPhone, and Mac all lit up with a message prompting me to reset my password. This came out of nowhere; I hadn’t done anything to elicit it. I even had Lockdown Mode running on all my devices. It didn’t matter. Someone was spamming Apple’s legitimate password reset flow against my account—a technique Krebs documented back in 2024. I dismissed the prompts, but the stage was set.

What made the attack impressive was the next move: The scammers actually contacted Apple Support themselves, pretending to be me, and opened a real case claiming I’d lost my phone and needed to update my number. That generated a real case ID, and triggered real Apple emails to my inbox, properly signed, from Apple’s actual servers. These were legitimate; no filter on earth could have caught them.


Then “Alexander from Apple Support” called. He was calm, knowledgeable, and careful. His first moves were solid security advice: check your account, verify nothing’s changed, consider updating your password. He was so good that I actually thanked him for being excellent at his job.

That, of course, was when he moved into the next phase of the attack.

He texted me a link to review and cancel the “pending request.” The site, audit-apple.com, was a pixel-perfect Apple replica, and displayed the exact case ID from the real emails I’d just received. There was even a fake chat transcript of the scammers’ actual conversation with Apple, presented back to me as evidence of the attack against my account. At the bottom of the page was a Sign in with Apple button that he told me to use.

I started poking at the page and noticed I could enter any case ID and get the same result. Nothing was being validated. It was all theater.

“This is really good,” I told Alexander. “This is obviously phishing. So tell me about the scam.”

Silence. *Click*.

Once I’d suspected what was happening, I’d started recording the call, so I was able to save a good chunk of it, which Jamie Marsland used to make a video about the encounter. You can hear for yourself exactly how convincing “Alexander” was.

So let my almost-disaster help you avoid your own. Remember these rules.

  • Don’t approve any password-reset prompts—those are the first part of the attack. Do not pass Go, just head directly to your Apple ID settings. 
  • Apple will never call you first. 
  • When you get an email from Apple—or, really, anyone telling you to complete a digital security measure—check the URL they’re trying to send you to. Apple Support lives on apple.com and getsupport.apple.com, nowhere else.
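The third rule is the one people get wrong in the moment, because a lookalike such as audit-apple.com "contains" apple.com when you skim it. The following is an added example, not code from the original post: it extracts the real hostname from a link and allowlists only apple.com and getsupport.apple.com (plus, as an assumption for this example, other subdomains of apple.com), and contrasts that with the naive substring check most people do in their heads. The sample links are constructed for the demonstration.

```python
from urllib.parse import urlsplit

# Hosts the post identifies as Apple Support's. Every other registrable
# domain (audit-apple.com, apple.com.<something-else>, ...) is untrusted.
APPLE_HOSTS = {"apple.com", "getsupport.apple.com"}
APPLE_SUFFIX = ".apple.com"  # assumption for this example: other apple.com subdomains also count


def hostname_of(url):
    """Return the lower-cased hostname of an http(s) URL, or None.

    urlsplit().hostname already drops userinfo ('apple.com@evil.example')
    and the port, so neither trick can smuggle a trusted-looking string
    into the host position. A trailing dot names the same DNS zone.
    """
    parts = urlsplit(url.strip())
    if parts.scheme.lower() not in ("http", "https"):
        return None
    host = parts.hostname
    if not host:
        return None
    return host.rstrip(".")


def is_apple_support_url(url):
    """Strict check: exact allowlisted host or a true subdomain of apple.com."""
    host = hostname_of(url)
    if host is None:
        return False
    if not host.isascii():  # homoglyph hosts (e.g. a Cyrillic 'а') never match
        return False
    return host in APPLE_HOSTS or host.endswith(APPLE_SUFFIX)


def naive_contains_check(url):
    """The check a rushed reader does: 'it says apple.com, must be fine'.
    Kept only to show what it wrongly accepts."""
    return "apple.com" in url.lower()


# Constructed sample links: the two real hosts from the post, the lookalike
# the scammers used, and common prefix/userinfo/scheme/homoglyph tricks.
SAMPLE_LINKS = [
    "https://getsupport.apple.com/",
    "https://apple.com/support/",
    "https://audit-apple.com/case/12345",
    "https://apple.com.audit-apple.example/login",
    "https://apple.com@audit-apple.example/",
    "javascript:alert(1)//apple.com",
    "https://аpple.com/",  # first letter is Cyrillic 'а', not Latin 'a'
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(f"{link:45} naive={naive_contains_check(link)!s:5} "
              f"strict={is_apple_support_url(link)}")
```

The key design choice is to decide on the parsed hostname, never on the raw string: the substring check accepts audit-apple.com and the userinfo trick outright, while the strict check only ever says yes for hosts that actually sit in Apple's zone.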

After all, the best protection is knowing what this looks like before it happens.

Comscore, whose accuracy is generally between a Lotto Quick Pick and a drunken dart throw, says Google Maps usage has fallen since Apple Maps came on the scene. The Guardian has a good overview: How Google lost when everyone thought it had won.

We shouldn’t be surprised that in the absence of choice, people take the path of least resistance. What’s missing in these discussions is how it’s criminal Apple gets away with not allowing alternative defaults for maps, browsers, calendars, and any number of other areas, which means every time you click a link or address in the OS it opens Safari or Apple Maps, in my opinion inferior apps. Some developers get away with this by having settings to set Chrome or Google Maps as your default, like Tripit just added, but this is implemented in a hacky, per-application way, and every app puts their setting in a different place if they support it at all.

If Microsoft had done this a decade ago we’d have called for the DoJ to reopen their investigation. Apple has the best phone, best tablet, and in many ways the best operating system — we should not give them a pass for this blatantly self-interested and user-hostile stance. Defaults matter.

“Apple Lossless, also known as ALAC, is a lossless audio codec Apple developed some time ago for digital music. The codec compresses music files anywhere from 40-60 percent of their original size with no discernible loss in audio quality or fidelity.” — Apple’s ALAC codec is now open source. About a year and a half ago I started re-ripping all my music in ALAC; it’s fantastic, especially now that iTunes can down-convert when syncing to iPhones / iPods.

Israeli Security Hates iPad

I had a pretty interesting experience going through security at Ben Gurion airport — I almost didn’t make it through. I had heard the airport security in Israel was different but I had no idea. They spent about an hour asking questions, turning on (and taking apart) every piece of the 20+ electronic items I travel with, with particular attention and questions around my iPad. They took it out of the Apple case, turned it on, scanned it, took it away for 10 minutes to scan somewhere else, asked if anyone else in Israel had used it, when I last used it, asked when I got it, and ultimately said that their “technology team” had not cleared it for carry-on and they would need to pack it in a special box, wrap it, tape it, and check it directly with Continental (I couldn’t touch it or the box except to put some WP stickers on so I could identify it later). Wowza! My Sony PC, though, is safe to fly with. No wonder I saw so few Apple products at WordCamp. 🙂

“There is the iPad”

“Our experience of technology has been largely wondrous and positive: The green revolution ameliorated the problem of world hunger (for a time at least) with better seeds and fertilizers to increase harvests. When childhood diseases were ravaging the world, vaccines came along and (nearly) eliminated them. There are medicines for the human immunodeficiency virus and AIDS. There is the iPad.” NY Times: Our Fix-It Faith and the Oil Spill.

Create Windows 7 Hotspots

Windows 7 has an awesome utility called netsh that allows you to create wifi networks, even if you’re already connected to a wifi network on the same interface, which is actually slightly better than the same feature on OS X. If you don’t want to play with the command-line, there’s a handy utility called Connectify that makes creating a wifi hotspot from your Windows 7 box a breeze. This was one of the things I missed most about my Mac laptops.

Cool Touch Interface

While reading Michael Arrington’s essay Why Desktop Touch Screens Don’t Really Work Well For Humans I came across this video, which I thought was pretty cool.

Hopefully this whets your appetite for whatever comes out of Apple tomorrow. Should be an interesting day for WordPress.com as well: whenever Apple does a major announcement we blow past all our previous traffic records. The current one-day record is 63.5 million pageviews.

MobileMe Notes

Dear MobileMe / Me.com, I really think you’re swell. I’ve been dreaming dreams of sync since my first Handspring, and you are the best I’ve used. Two things would put you over the top. First, the notes application on the iPhone is handy, but please sync this to a quickie app on Me.com so I can put stuff in and out of notes easily. Second, and this is a stretch, I know you don’t like to-do applications, but I also have an inkling you could do something that would make me stop using paper and pen for to-dos. And synchronize it. With love, Matt.

Macworld Liveblogging

Rating the Livebloggers talks about three of the blogs that were covering Steve Jobs’ keynote where he announced the MacBook Air. The one with the highest rating, Gizmodo’s Live site, is hosted on WordPress.com as a VIP, which is how they managed to avoid the problems that hit Crunchgear, Engadget, Twitter, et al. Here’s a Flickr picture showing how spiky the traffic can be. (That’s from the iPhone keynote, not the latest one.)

iPhone Disappointment

The process of buying the Apple iPhone was pretty easy. Glenda and I walked into a store in Daly City at about 8:30 PM and each ordered one, and walked out. No lines. The device is physically much more elegant and smaller than I expected, and the iTunes-integrated signup process was fairly smooth. However, it’s been hours now and still no activation, which means I have a very expensive paperweight, which is worse than not having it at all. Update: Approximately 16 hours after my initial setup, I now have a working phone. I was contemplating taking it back, but I’m glad I didn’t.