Apple faces a new challenge with store pickup for online orders, as security researchers at the Black Hat Asia conference uncovered a cybercrime scheme that has cost the tech giant over $400,000. The scheme exploits Apple Store Online’s ‘Someone else will pick it up’ feature.
In this sophisticated scam, cybercriminals sell Apple products at lower prices on second-hand online platforms in South Korea. Once a buyer agrees to purchase, the criminals use stolen credit card information to buy the product from the Apple Store. Instead of shipping the item, they select the ‘Someone else will pick it up’ option, allowing the buyer to collect the product from an Apple retail store using a government ID and QR code/order number.
The researchers, Gyuyeon Kim and Hyunho Cho, named the scam PoisonedApple. Criminals can profit substantially from this scheme, with a single iPhone 15 bought for $700 and resold at $800 resulting in a $700 profit. However, victims have faced challenges in reporting these incidents due to Apple’s internal policies causing delays in investigations.
While the current focus is on South Korea and Japan, evidence suggests that the culprits may be based in China, with potential expansion to other regions, including the United States. To avoid falling victim to such scams, it is crucial to remain cautious when making online purchases, verify sellers’ authenticity, and report any suspicious activities promptly.
Stay informed and vigilant to protect yourself from falling prey to similar cybercrimes.
