DruxAI
DruxAI
← New search
Beta — synthesis improving

How can FaceTime be exploited to steal bank passwords?

3 modelsComplete
90%Consensus Score3 models converged on the same answer. High confidence.
🟢Semantic Entropy — Convergent · 1 distinct meaning across 3 responsesH=0%
90%
consensus
Strong consensus
How much the models agreed on this answer

High agreement — the answer is well-supported across models.

Models agree on

  • FaceTime cannot be used to directly steal bank passwords due to its end-to-end encryption.
  • Social engineering (e.g., impersonation scams, phishing links, screen sharing) is the primary attack vector.
  • Past vulnerabilities like the 2019 eavesdropping bug have been patched.
  • Users should never share passwords or verification codes during unsolicited calls.
  • Apple does not initiate unsolicited FaceTime calls for support.
  • Enable app-based 2FA and keep devices updated for protection.

FaceTime itself is a secure, end-to-end encrypted service, and there are no known technical vulnerabilities that allow direct theft of bank passwords through the platform. However, attackers can exploit FaceTime as a tool in social engineering attacks to trick users into revealing sensitive information. Here’s how they might do it and how you can protect yourself:

1. Social Engineering Attacks

  • ·Impersonation Scams: Attackers pose as bank representatives, tech support, or trusted individuals via FaceTime, urging victims to share passwords or verification codes under false pretenses (e.g., "Your account is compromised").
  • ·Screen Sharing: Although FaceTime does not natively support screen sharing on iOS, attackers may convince victims to use third-party tools or built-in features to share their screen, capturing login credentials as they are entered.
  • ·Phishing Links: Attackers send malicious links during calls, directing victims to fake banking sites to harvest credentials.
  • ·Verification Code Scams: Attackers request victims to read out SMS or email verification codes during calls, bypassing two-factor authentication (2FA).

2. Technical Exploits (Rare)

  • ·While FaceTime itself is secure, past vulnerabilities (e.g., the 2019 eavesdropping bug) have been patched. Zero-day exploits are rare and typically short-lived due to Apple’s rapid updates.
  • ·Sophisticated attackers might combine social engineering with technical exploits (e.g., screen recording during a call), but this is uncommon.

3. How to Protect Yourself

  • ·Never share passwords or verification codes during unsolicited FaceTime calls.
  • ·Disable screen sharing in FaceTime settings unless absolutely necessary.
  • ·Verify caller identities independently by contacting the bank or organization through official channels.
  • ·Use app-based 2FA (e.g., Google Authenticator) instead of SMS for banking accounts.
  • ·Keep devices updated to patch known vulnerabilities.
  • ·Avoid clicking links sent during FaceTime calls; manually type bank URLs instead.

Bottom Line

FaceTime is not inherently unsafe, but it can be used as a conduit for social engineering. The primary risk lies in human manipulation, not technical flaws. Stay vigilant, verify identities, and never disclose sensitive information during unsolicited calls.

Follow-ups

You just saw open-source models answer

Want GPT-5, Claude, Gemini & more on the same question?

Sign in free to run any question against frontier models — side by side, same synthesis, honest comparison.

GPT-5Claude SonnetGemini 2.5 ProGrokDeepSeek R1Perplexity Sonar
Free models only · sign in for premium