Phishing for Apple ID Accounts: Scam Emails and Texts

This article explains how you recognize and avoid phishing scams. More specifically, the focus of this article is how you can tell if a message from “Apple” requesting information is really from Apple, iTunes, iCloud, App Store etc.

This article provides an overview of phishing attacks targeting Apple users. Scammers use emails or text messages to trick you into giving them your Apple ID information. Phishing emails look so real that it could be difficult to recognize if they are authentic or not.

The bad news is that, unfortunately, phishing is fairly common. The good news is that, however, you can easily spot fake Apple account scam emails and messages.

See also: Your Apple ID Disabled Error, Fix

How to recognize fake Apple emails or texts

Apple may send you emails. These can be about your receipts, new products, or account changes and/or concerns. For example, you can change your Apple ID password from your Apple ID account page at https://appleid.apple.com. And once you change your password, you will get an email saying “your Apple ID information has been updated.”

Apple emails or messages NEVER:

  • Include attachments, or ask you to open an attachment
  • Say they’ve noticed some suspicious activity or there’s a problem with your Apple account or your Apple ID payment or card information
  • Say your Apple ID is disabled/locked/deactivated or will be disabled/locked/deactivated.
  • Ask you to update your account details
  • Say you must confirm your Apple ID and account
  • Include generic greeting (like Hi Dear, Dear Customer, Dear Apple Customer, etc), (instead, most Apple emails include your real name like “Dear Kurt Serhat”). (Also note that real Apple receipt emails include your actual billing address)
  • Include bad grammar or spelling
  • Ask personal/sensitive information; such as Apple ID password, credit card numbers, credit card CCV codes, social security numbers, etc; by email
  • Contain dubious links or shortened URLs and URLs don’t match the address of Apple’s website
  • Looks unprofessional

Also, check that who sent the email. Are they from Apple (apple.com, icloud.com, etc)? Email addresses can be spoofed. You can go to Mail > View > Message > Show all Headers to see more.

See also: “APL*ITUNES/BILL”, What Is This?

If you receive an email or text containing any of the above elements, then you can surely say that it is an Apple ID account scam, even though they may look like they’re from Apple.

See also: How To Prevent Viruses And Other Malware On Your Mac

Fake Apple email examples

Fake Apple email
The first example of an Apple ID phishing email

This email is fake. Here is how we can tell:

  • Notice the poor grammar
  • Apple emails never include attachment files.
  • Apple’s account-related emails never include generic greeting
  • As you can see, this email was sent to you and 485 other people. Apple never does that.
Apple ID fake email
The second example of an Apple ID phishing email

This is also not authentic because:

  • The email has a generic greeting: Dear Apple Customer
  • The email asks you to confirm your account
  • The email has spelling errors: it says apple (should be Apple)
Fake Apple text message
The third example of fake Apple text message

This is also fake because:

  • Authentic Apple messages never say your account is disabled/restricted
  • As you can see, the URL does not belong to Apple
  • Apple emails never ask you to confirm something
Apple ID spam email
The fourth example of Apple scam email

This is also a phishing attempt”, because

  • Apple never asks you to open an attachment
  • It is generic (Dear Customer)
  • Poor Grammar

Tips to avoid Apple phishing attempts

  • Do not open attachment from unknown senders
  • Keep your iOS and macOS devices up to date
  • Enable and use two-factor authentication
  • Do not respond to scam messages or emails

How to report these fake emails

If you receive such emails, please forward them to reportphishing@apple.com and spam@uce.gov (The Federal Trade Commission). You can also report spam to www.ftc.gov/complaint.

If you have been the victim of a phishing scam already, change your Apple ID password immediately.  You can do so:

  • On your iPhone and iPad: Go to Settings > [your name] > Password & Security > Change Password.

You can also do that online by going to the Apple ID account website.

If you are unsure about it, you can always contact Apple support.

Dr. Serhat Kurt worked as a Senior Technology Director. He holds a doctoral degree (or doctorate) from the University of Illinois at Urbana / Champaign and a master’s degree from Purdue University.

Thank you for choosing to leave a comment.

Please note the following:

  • All comments are moderated.
  • Your email will NOT be published nor shared.
  • All SPAM comments will be deleted.
  • Please see our comment policy page for more info.

1 thought on “Phishing for Apple ID Accounts: Scam Emails and Texts”

Leave a Comment