They got you because you’re not familiar with the Apple ecosystem nor their support system. That’s all sus as hell.
You also failed at basic opsec because you allowed them to control the flow of communication.
Was there actual suspicious activity? Did an actual Apple representative ever contact you because it sounds like the whole thing was a phish but you make it sound like they just got the case number and timing when the more likely scenario is that the email was also them.
Totally agree that I don’t know the Apple eco system and that made it easier. It was a legit apple support email. Even compared all email headers with the email I received after I called Apple support and opened a new case. I gave them all the info I could.
It was definitely phishing, I’d even say spear phishing as the knew all of my details without me giving it out. I assume from leaked data somewhere.
I’m pretty sure that they were able to create a support case with me details and scheduled it for that time so they had the case number and knew to call before that time.
