11 Jan 2026 - AJ
Happy New Year, and welcome to 2026!
I took a longer break than expected due to some family issues but I’m back.
Before I get to talking about this week’s scam, I want to mention that I took a look at my most-hit page, and it’s still the “I reported you by mistake” scam that plagues so many social media sites, while in second place it’s my article about scammers reaching out via Whatsapp to people booking on Booking dot com. I get the most traffic from Bing, with Duck Duck Go and Ecosia in second and third place.
I also get my fair share of Chinese and Russian IPs trying to find a way to exploit some misconfigured PHP page or something. This site is 100% static, folks.
Anyway, the person who almost fell to this week’s scam isn’t some random person, but a product manager at Broadcom named Eric Moret. As a reminder, just because people are technically knowledgeable doesn’t mean they’re not vulnerable to scams. In particular, since this one used authentic Apple processes to help carry it out means that most of us might fall right into the scammer’s trap. Even knowledgeable people can get caught up if they aren’t thinking clearly.
In Eric’s case, he felt something was wrong and got his password changed up immediately. He’d felt something was a little off during the call, but he hadn’t put two and two together.
As I mention in the article, Apple does not call people. Even high-value executives at major tech companies. I’ve emphasized this again and again: if someone purporting to be from a company calls you and you were not expecting the call, hang up, find a legit number (and make sure you are on the business’ site) and verify that they are who they say they are.