I have zero banking connections on my phone. None on my wife's phone,. either.

Phones can fall into other people's hands. They are not secure. I've met people whose phones are unlocked and have automatic logins to their banks. When I explain how dangerous that is, some just shrug it off.

I recommend that you never access any bank accounts from your cell phone. Ever.

I go to the bank and stand in line. Was carrying a lot of cash. Bank teller told me about a prepaid debit card. Love it. Put a grand in every month and have no credit card bill. If someone steals my account I’m not out big bucks and easy to cancel at the bank.

My password is random enough that nobody would ever find it. It's not written down anywhere where anyone would ever look. I use a unique login name, as well. I would never do anything financial on my cell phone. I carry plastic cards and use those. All of my online stuff is done using random passwords which I have memorized. There is a paper record of those passwords, but it is not accessible to anyone but me and my wife.

I use a very limited number of accounts online. Neither of those ever has much money in them or a large available credit limit.

the same way. I have no bank accounts on my phone, no how, no way.

Checking with my Bank on the following Monday, it turns out someone in Singapore tried to empty my Business account, but the bank refused the charges, knowing it was NOT ME making the charges. After speaking with someone from my Bank, it was cleared up and issued a new Business Debit card I use for purchases for my Business only. My account was secured and all was good.

I keep close watch on all purchases and make sure the correct deductions are made each month, plus knowing what will be coming up that requires automatic withdraws. I also notified concerned parties of the Debit card change to make sure they have the correct account.

There are scammers out there. So be careful.

I've never set up any banking or other money transactions via my phone because I've always been a little suspicious as to how secure those processes really are, figuring anything can be hacked. My phone keeps reminding me to set up Apple Pay and I've been ignoring it. Guess I'll keep ignoring it.

I never set up Apple Pay. I also rarely have my phone on. I still have what I call a house phone, not really a landline because it’s through my cable company.

The apple ID thing is clearly not secure, and banks DONT CALL YOU.

I like my Apple products but I won't link my phone or my Apple ID to my banking and credit card information. Even in the unlikely event that a scammer got my Apple ID, it wouldn't lead them to my bank account. The scamee (is that a word?) in the OP had an Apple Mastercard and an Apple wallet that were linked to their bank account, and they all depended on access to their Apple ID. The error was in making the Apple ID the key to access everything else. The setup is probably very slick and convenient, but it illustrates the problem that can arise in any complex system: if you have a single point of possible failure with no fail-safe or bypass you're screwed. The products themselves are fine; just don't make them the sole hub for your financial transactions.

Tell them to give you a call back number and check if it's a legit phone number for the financial institution. If it isn't, call you financial institution and report what happened. Banks and credit card companies *do* take this stuff seriously.

Call the number on your card.

You've got me wondering about one instance where I have linked my PayPal account to a website.

Do you think that is not a good idea?

I've gotten some emails purporting to be from PayPal claiming something or other has been charged to my PayPal account, and I go directly to PayPal to check and it's never true. It's always a scam; never click on the link in the email. The OP here addresses a particular problem that arose from using their Apple ID to link to a bank account, which made it possible for a scammer to take over all of their Apple devices and lock them out. That's a more complicated situation, but avoidable if you don't link all your accounts to one source.

From Reddit:

Google doesn't offer direct support for their free services.

Our bank is extremely vigilant.
If there's a large transaction they'll call to make sure it's us.
They will freeze the transaction until they hear from us.
We appreciate it.
They always go out of their way to identify themself.
One time it was actually fraud and the charge was reversed.
NEVER asked us to change password.
Apple user for years.
Never any problems.

The banks will call you for authorization for charges. They will never ask you for personal information, or tell you to call a certain number or click on a web link.

Only call the number on the back of your card.

When someone tried to take over my checking account. I immediately hung up and called the number on the back of my card. Sure enough it was the fraud department that had called. Someone was using voice recognition to try and access the checking account. Had to completely close the account and get a new checking account. A big pain in the A$$. New checks, new debit cards, change all automatic payments., etc. But no money was stolen, thank goodness.

I'm not an Apple user, but I have had my credit card providers phone me to confirm charges that seem out of character, and they were right and I was grateful.

A few weeks ago someone posted a story about how some guys crypto accounts were hacked & one guy lost half a mil & the other millions. Both fell for an urgent phone call from customer service. Always call the company back yourself. Use the phone number on the back of your credit card or look the company up on the internet. NEVER use a link they send you. Or a phone number.

Some helpful graphics.

For each passing year, divide each of those times by 2.

Partly improved hardware, partly improved algorithms.

Not sure what HOD is.

Damn, this is a hugely important thread.

Thank you OP and everyone replying with great advice!

Thank you.

So many times I have heard that Apple products are secure.

Now I feel a bit of relief I don't have them, but my sisters, mother and brother-in-law, and niece all have them!

than Microsoft software, but because hackers mostly target Microsoft's larger user base, you rarely hear of the Apple vulnerabilities. Microsoft has a much larger user base than Apple.

Did you know that the majority of Apple users are Republican / Conservatives?
Apple Fanboys are the worst.

for visibility

through this. I would be beside myself. Thinking about gives me the chills.

Someone you know (or know of) had this happen to them? Reminds me of why Snopes was founded.

Speaking of Snopes, here’s what they have to say about Apple calling you: https://www.snopes.com/fact-check/apple-support-call-on-suspicions/.

to someone who contacts you first, but immediately contact your financial institution yourself using the phone number on your card or your account and ask them if there is a problem.

Several times the fraud division at either Chase or Mastercard has contacted me to confirm credit card activity that turned out to be fraud. I really appreciated these calls.

And when they make those calls, they are from different numbers than appear on the back of the card because they are from a different division within the bank.

Just sharing my experience.

And for the long haul---be very careful how much info you put on a device and how many devices share that. Paperless is convenient for hackers, too.
BTW, this is not to blame victims--hackers are savvy and faster than most of us. I'm lucky to have an IT husband who keeps up with the warnings.

a supposed call from your provider.

The specifics of this scam are not very different from any such where the person forgets that rule.

But they won't be since lots of higher-ups do similar things under the Art of the Deal.

in this case the Apple ID that comes with them, to link to financial services. I'm not ditching my iPhone or my MacBook, I'm just not going to use the phone to buy things or do my banking.

Before I got very far in your post I handed it to my husband to read. He is my tech support — and I think if he had enough hair left it would have been standing on end.

I don’t have any of Apple’s offers to be my banker, credit card, wallet, or payment processor turned on — but there is a perpetual notice that I have “not finished setting up” my iPhone and iPad.

Except — we just got me a new iPhone several weeks ago in anticipation of the Trump Tariffs in 2025. And I think — in fact I am pretty damn sure — that all the installations for the phone automated the permission process and ended up tweaking my iPad settings, because both devices just now showed that everything to do with Apple banking was turned ON. 🤬🤬🤬

Thanks to you, the stuff I wanted no part of is now OFF, plus “find my iPad”. .

I am so sorry this happened to you. It’s just evil.

case it may also help, my tech savvy bestie says best practices to save yourself grief are:
1. change your passwords, ideally login name too, every 6 months or so
2. don't re-use passwords.

With so many hacks and such advances in tech used by creeps, it is common for our login credentials to sit out there on the dark web post-compromise for months or even years, till som baddie decides to launch a mass attack and gets a lot of folks at once. None of us need this. I wouldn't wish it on Mike Johnson, even.

Aloha nō.

Apple users keep getting annoying password reset requests in a new phishing scheme
The scam aims to change their password and lock them out of their devices
By
Jody Serrano / Gizmodo

https://qz.com/apple-reset-password-phishing-scam-iphone-spoofing-call-1851370609

an Apple product again. It just seems like it's too easy to get locked out of your device, or get everything on it wiped. Almost happened to me with my IPad when it kicked me out and I couldn't remember my Apple ID because it was connected to an old email account I hadn't used for years. And even with all that "safety" it sounds like they're not really that secure.

For taking the time to type this out for us. I'm pretty security conscious but may have been taken in by such an elaborate scam

Like some others upthread, I do everything financial on my desktop PC which only I use. Using a phone becomes a chore - I never thought I'd be happy to have bad eyesight, failing ears and arthritic hands.

I made note of the name, called the bank and they transferred me to the person, which told me it was a legit call......it is NOT hard to do!

It happened to me not that long ago… I got a call that my phone bill was going to go to court if I didn’t pay it on the phone right then and there. I was arguing with them that I had closed that phone number a long a while ago until it dawned on me that I was being scammed. Nothing till that point I just thought they were wrong about my phone number, ha!

I’m embarrassed to say it, but that is what happened

Right about that time is when they hung up on me and that’s how long it took me to figure it out; it felt like fear. I i’m not normally a fearful person and I didn’t feel afraid for my safety, but my thinking was definitely affected by the call in the short term. If I wasn’t upset, I would’ve told them in the first five seconds that they were full of …baloney.

I think I was programmed from day one to not trust anyone.

Reading about these cases of sexual harassment, for example - fuck that noise, any guy who ever "touched me inappropriately" paid for it IMMEDIATELY, I didn't tolerate that shit for one second. And that INCLUDED when I was in the military IN THE 70's! I have to remind myself that not all women are like me.....

Don’t answer the phone for unknown callers. This method stops the thief’s scam right out of the gate. But, iPhone has a way to bypass unknown callers, of which 99+% are spammers looking to scam you.

1. Settings-Focus-Do Not Disturb-People-Allow Calls From, then choose “Contacts Only”
2. Settings-Phone-Silence Unknown Callers-toggle “On”

Doing these 2 steps together will result in you not even having to hear the phone ring when one of these pests call you. And who wants to spend all day being bothered by pests anyway? The caller still has the option to leave a voice mail, but the pests almost never do that. Catching you by surprise is part of their tactics.

And on occasion if you are waiting for a call from a number not in your contact list, just turn off the settings long enough to get your call and then turn them back on again.

No banking on my iPhone but I do check my credit union CC transactions frequently to make sure it’s all good..I don’t charge anything unless I don’t have a choice even tho they say it’s safer than a debit card. I get suggestions to change my password but I better take the time to do that now that I’ve read this thread. I don’t answer my phone if I don’t know who is calling and 99% of the time, there no voicemails so I figure they’re scam or charity related. I think you can be as diligent as possible but these criminals have a lot of tricks so ya gotta think like a crook, I guess, to keep up n be safe. Very interesting thread and I appreciate the good advice 🙏

I would ABSOLUTELY wish this on Mike Johnson.

FOR THE LOVE OF GOD, STOP RECOMMENDING THIS! It's unsourced, and reads like an urban legend: "My friend had this happen on New Year's Day!" is hearsay at best and spreading false information at worse. I'm a librarian and have tried to find anything in the news or on various Apple support websites and haven't found doodley-squat indicating this ever really happened. You'd think if it was really true, Apple would be warning their own customers about it.

Geesh, DU. I thought we were critical thinkers. I can't believe this baseless rumor has 93 recs as I type this.

Removed mine until further info.

One of the best things you could do. And don't make them different by adding a number or one letter or something that could be guessed by a decent hacker.

You shouldn't have passwords you can remember!
Except if you use a program like KeePass. One master password to open KeePass and then generate new passwords every time you have to create a new one for new websites etc.

You can use KeePass then close it so anybody hacking into your computer won't be able to access it.

I work in banking and I cannot tell you the number of customers old and young, wealthy and not, educated and not, who have been scammed.

I don’t care if it’s the same phone number as your bank or Apple just hang up and actually call Apple or your bank. Scammer can spoof numbers. If it truly is your bank, they actually will not be offended and would rather you feel safe than be scammed.