Symantec has recently observed phishing scams targeting Apple iPhones in order to gain serial numbers, IMEI, model, and capacity, etc.

What is an IMEI?

An IMEI (international mobile equipment identity) is a 15-digit unique number used by GSM networks to identify valid devices. Every GSM, WCDMA, or iDEN mobile phone (and even the odd satellite phone) has an IMEI. It can be found under the battery of the device or by typing *#06# on the mobile. If your phone or device is lost or stolen you can report it to your service provider, providing the IMEI number. The service provider can then blacklist the IMEI number, rendering the device unusable in that country.

Why do scammers need the IMEI number?

A device with a blacklisted IMEI is unusable in that country. There is no restriction on having the same IMEI number for two devices. So, scammers can simply steal the number from other users who have valid or working IMEIs and copy it to the stolen device. Scammers can then use the stolen device or even sell it.

How are scammers stealing IMEIs?

Scammers have been creating phishing sites that make the claim that a free one-year warranty extension for a certain mobile device or devices is available. To obtain the (fake) offer, users are asked to provide their device information, including serial number, IMEI number, type of phone, and so on. Below is an example of such a phishing scam:

iphone 1

iphone 2

Once the scammers gather the iPhone information for valid devices, they replicate it to the stolen devices. The process of changing the device IMEI isn’t difficult to perform. It can be done by installing some drivers onto a system that is connected to the mobile device through a USB cable, without the use of any external devices. This way they can convert the device information to any set of data that they choose.

Giving out device information can be dangerous because criminals can use such info to perform illegal activities. Therefore, it is recommended that users remain wary and use caution when it comes to these types of scams.

Internet users are advised to follow best practices to avoid phishing attacks. Here are some basic tips for avoiding online scams:

  • Do not click on suspicious links from emails.
  • Check the URL of the website and make sure that it belongs to the brand.
  • Type the domain name of your brand directly into your browser’s address bar rather than following any link.
  • Frequently update your security software, such as antivirus and antispyware