The increasing number of Apple users is a gold mine for cybercriminals practicing phishing, a widespread form of cyberattack that attempts to trick users into sharing their personal information. Cybercons imitate the brand’s emails and other messages, hoping that a user will follow the attached link and disclose their passwords or bank details. The best way to fight phishing scams is knowledge. In this post, we’ve put together some general advice on identifying and avoiding this kind of fraud.
To start, you should know that Apple never asks for personal information over email or text message. So, it’s best to report phishing to Apple if you suspect a scam message.
Now, what kind of messages are the most popular with scammers?
Bogus invoices from Apple
Received an email with an invoice for something you didn’t buy? It’s a fake. These emails typically have the Apple logo and are made to look like legitimate purchase notifications. They look convincing, but they are designed to steal your financial information. Luckily, some clues indicate that it’s counterfeit.
- Review purchase history in your account with App Store, iTunes Store, iBooks Store, or Apple Music. If it doesn’t say that you have purchased an item, you can ignore the email.
- Apple invoices never contain links to canceling or managing your subscription. Don’t click those links. They will redirect you to the fake order cancelation form that will ask for your personal information.
- Authentic purchase invoices from Apple always include your billing address, which scammers are unlikely to have.
Here’s an example of a counterfeit invoice:
Fake text messages
Phishing messages aren’t always sent by email. Apple customers reported a wave of scam text messages claiming that their accounts have been compromised. An example of such message sounded something like this:
“Your Apple account has been blocked due to security reasons. To unlock your account, please follow this link.”
Like an email scam, the link redirects to the fake login page that prompts users to enter their credentials. Doing so, a user plays right into the scammer’s hands by disclosing their personal information, which they can use to access accounts.
That’s not the only type of message you can receive these days. There are also bogus messages that want you to “unlock your Cloud ID,” “resolve a recent purchase problem,” “grab a free gift,” and the like.
The first clue is that the message arrives from a non-Apple sender with an unknown phone number. It prompts you to follow a link to confirm some information. Be vigilant and never tap those links.
What should you do with a phishing message?
Receiving a scam message can throw you off the track but don’t worry. Unless you have followed a link, it won’t do any damage. To stay on the safe side, contact Apple Support to verify a message whenever you doubt its authenticity. You can get in touch with the brand’s representatives via web chat, Twitter, or phone call. Until that time, do not click on a link in an email or text message and ignore attachments. You should also never reply to the sender. Here are your next steps if you are targeted with phishing messages:
- For a suspicious email, send a message to firstname.lastname@example.org.
- In the case of iMessage phishing, you can report it by forwarding it to email@example.com.
- If you’ve received a scammy text, open the message, click on Details, and tap Information. You will be able to block the caller from there. It will prevent other messages from this number.
Thousands of Apple users get phishing emails every day but don’t worry. Just follow the simple steps we described above, and carry on with your day.