Apple and Meta EDR Scams

Law enforcement agencies have to obtain a warrant or a subpoena before they request user data from tech companies. They can work around this by issuing an Emergency Data Request (EDR). This request must be done urgently by the tech company. Cybercriminals saw this as an opportunity and have been hacking into law enforcement agency email systems. They then can send out fake EDRs and if the tech companies send over the user information, the cybercriminals are able to obtain all the sensitive data.  

This exactly happened to Apple, Meta and other tech companies in 2021. They received fake EDRs and sent over all sensitive user data to cybercriminals. The data included IP addresses, phone numbers and user’s addresses. This data breach is coming to light so we can expect cybercriminals to be creating more scams using fake EDRs.

Tips:

• You can prepare and protect yourself from potential data breaches by updating your passwords every 3 months, using multi-factor authentication, and by not sharing sensitive data on social media.
• Be careful of shocking headlines about Apple, Meta and other tech companies related to EDR. Many articles on the internet are false and are trying to spread disinformation.
• Watch out for fake emails and phone calls that say you or your company have been part of these data leaks. This type of info would be communicated in a regular email. Always think before you click on any links or open any attachments!

Learn more tips like this and train your employees with our Security Awareness Training Program.

‍