How to Identify Apple Phishing Emails and Avoid Getting Scammed

It’s the end of a long day, and you open your email one last time. There, waiting at the top of your inbox, is a message from Apple asking you to confirm a purchase. The kids must have downloaded an app, you might think as you click on the link in the email to find out what they bought. Unfortunately, you may have just become the latest victim of an Apple phishing email.

What is phishing? It’s a type of scam. Hackers use emails, text messages or phone calls that look like they come from legitimate companies (but really don’t) to try to trick you into disclosing passwords and other sensitive information.

It’s surprisingly easy to fall prey to phishing schemes, which have quickly become the most common type of internet-related crime. We spoke to cybersecurity experts Russel Kent-Payne, director and co-founder of Certo Software, and Robert Siciliano, CEO of Protect Now Cyber Security Training and Solutions, to find out what the most common Apple phishing scams are today. Below, we share their advice on how to avoid getting duped, how to protect yourself if you think you already did and other essential tech tips.

Get Reader’s Digest’s Read Up newsletter for more tech, travel, cleaning, humor and fun facts all week long.

What is an Apple phishing email scam?

An Apple email phishing scam specifically targets people who use Apple products, such as iPhones, iPads, Apple Watches and Mac computers. As part of the scam, you get an email that appears to come from Apple—perhaps from the App Store, your Apple Pay account, your iTunes account or some other area of the Apple ecosystem.

Usually, the email tries to entice you to click on a link for a legitimate-sounding purpose. For instance, it might say there’s a problem with your account and instruct you to click a link to remedy the situation. Often, scammers create a sense of urgency, says Kent-Payne, “so that their victims react quickly to the message and are then less likely to spot that it’s a fake.”

Scammers are getting more sophisticated all the time, especially now that artificial intelligence (AI) is so prevalent. Siciliano says AI makes scam emails much more convincing, so the Apple phishing email might look very real even though it isn’t.

If you do click on a link in the email, you may land on a website that looks like the real deal but is actually a phony created by hackers through spoofing. That website might ask you to enter your personal data, like your Apple ID and password, which the hackers then steal.

Why would someone phish for your Apple ID?

rd.com, Getty Images (2)

Your Apple ID account contains all your contact, payment and security information. You need your Apple ID and password to use services like the App Store, Messages app, Apple Music, iCloud and FaceTime. If hackers discern your ID and password, they can:

• Access your iCloud email and any other email accounts linked to your Apple ID—even request password resets for them, potentially locking you out
• Buy music, movies, books, apps, subscriptions and more
• View (and potentially sell or distribute to others) sensitive photos or documents that you’ve backed up in iCloud
• Steal money by accessing your digital wallet

How common is phishing?

In 2023, the FBI’s Internet Crime Complaint Center received nearly 300,000 complaints about phishing. What’s worse, people who fell for these scams lost a total of almost $19 million.

Even though Apple is considered one of the most secure companies out there, it still ranks as one of the top five most impersonated brands in phishing attacks. “It doesn’t matter how ‘secure’ the target brand is,” Siciliano says. “What matters is that hundreds of millions of people use these products and services and rely on them every day.”

In fact, more than 2.2 billion Apple devices are currently in use, so targeting Apple IDs can be a lucrative hustle for scammers.

What are the main Apple ID phishing scams to be aware of?

Hackers are continually inventing new scams and rehashing old ones. Some of the most common Apple ID phishing scams now include the following:

Storage limit alert scam

This scam, which began in 2023, occurs when you receive an email, allegedly from Apple, stating that your iCloud storage is full (or nearly full) but that you can receive an additional 50 GB of storage for free by clicking on a link. You guessed it: The link takes you to a malicious site that steals your info.

Apple or iCloud support scam

rd.com, Getty Images

In this scam, users receive a phone call—or often several calls in a row—from what appears to be the real Apple support phone number. Instead, the number has been spoofed. If you answer the call, the scammer claims to be from Apple and says your Apple ID or iCloud account has been compromised. To fix things for you, they say, they’ll need your password or other sensitive information.

Sometimes, rather than speaking with you directly, scammers will leave an automated voice message directing you to call a specific number for “Apple support.” If you call the number, everything sounds legitimate, including updates telling you the anticipated hold time. When you finally connect with “support staff,” they will ask you for compromising information.

There’s also the possibility that it’s not a real human. Deepfake audio can make it sound like you’re talking to “real people in positions of authority,” says Siciliano. AI technology “now has the ability to not only make the phone call but to address you by your name, respond to your questions and influence your decision-making in such a way to convince you that Apple support is really calling you.”

For the record, Apple will never call you to notify you of suspicious activity. In fact, Apple won’t call you for any reason—unless you request a call first.

MetaMask Apple ID scam

This scam relies on the continued  popularity of cryptocurrency and NFTs. In this case, scammers target MetaMask, a popular digital wallet for crypto, which is typically backed up to iCloud—a helpful security measure if your device is ever lost or stolen, Kent-Payne says.

This con usually starts once scammers know the email address associated with your Apple ID. They make multiple password-reset requests, and you receive text alerts on your phone each time, sparking concern that your account may be compromised.

Next, says Kent-Payne, in a manner similar to the support scam, you receive a phone call that appears to come from Apple, warning you about suspicious activity on your account. Since this corresponds with the activity you’ve been seeing, it’s easy to believe the call is legitimate. With you on the line, the scammer requests another password reset, this time sending a six-digit verification code to your phone and then asking you for that code, all under the guise of verifying your identity.

Once they have that code, however, they are able to reset your Apple ID password. They’ll gain access to everything stored in iCloud, including your MetaMask wallet, and steal your cryptocurrency.

Password reset scam

This scam, which started in 2024, is similar to the Apple support scam. You get a string of alerts in rapid succession on your Mac, iPhone, iPad or Apple Watch—or maybe all of them—advising you to reset your password. You can’t use any of your linked devices until you dismiss all the notifications. The alerts don’t actually harm the device but instead instill a sense of panic.

Then you receive a phone call that appears to come from Apple, and the caller tells you that your device is under attack. The solution, according to the so-called Apple support employee? You need to provide security information to disable the attack. But if you do that, you give the scammers everything they need to access your account.

Apple has said that users should dismiss these notifications (without tapping on them) and not answer subsequent phone calls.

Apple ID order receipt scam

In this Apple phishing email scam, you’ll receive an email that appears to be from Apple. It will state that your ID has been used to make a purchase, usually with a PDF receipt attached as “proof.”

The email will either ask you to confirm the purchase or submit payment for it. In either instance, you’ll typically see links that, if clicked, will take you to a fake Apple account management page that attempts to trick you into giving up your Apple ID and password.

Apple ID locked scam

This scam often works in tandem with the fake-receipt scam. If you follow a spoofed email to a fake Apple page and then input your information, you may see a notification telling you that your account has been locked due to suspicious activity.

It’ll then show you an “unlock” button, which requires you to divulge personally identifying information, such as your name, Social Security number, payment information and answers to common security questions.

Sometimes, this scam will arrive via a Message app alert that states your Apple ID has been locked because your ID is about to expire. The message might ask you to complete a form to unlock your account. This, of course, gives the hackers access to sensitive info.

It’s true that Apple sometimes locks IDs if the company suspects fraudulent activity, but you can unlock your Apple ID by placing a phone call directly to Apple. “Don’t ever respond to emails making these requests,” Siciliano says.

It’s worth noting, Kent-Payne adds, that Apple IDs don’t expire.

iPhone locked scam

If hackers have already gained access to your iCloud account, they could activate the Find My feature and place your device into “lost” mode, which remotely locks it. Then you’ll see a pop-up message on your phone saying that it will remain locked until you pay a ransom.

What are other types of Apple phishing scams?

Apple Pay suspended scam

In this con, people who use Apple Pay in their digital wallets may receive a text message on their phones warning that “Apple Pay has been suspended on your device.”

The message includes a link, which you can click to allegedly resolve the problem. If you tap the link, you’ll land on a page that looks legitimate, with a message stating something like, “Apple Pay was suspended on your device. You can continue to make contactless purchases once you have reactivated your wallet.”

It’s easy to see why someone would click—but don’t! If you click through to the next page, it will ask for personally identifying or financial information. Through this scam, hackers have stolen users’ identities and emptied their bank accounts.

Apple gift card scam

Similar to the Apple support scam, the Apple gift card scam starts with a phone call. The person on the other end urgently insists that you need to make a payment of some kind—for a utility bill, taxes, hospital bill, debt collection, even bail money. They ask you to purchase an Apple gift card (sometimes with thousands of dollars loaded onto it) at your nearest electronics store, supermarket or convenience store and use it to pay the bill by sharing the code on the back of the card with them.

The catch: You can use Apple gift cards to purchase only goods and services from Apple—things like subscriptions to Apple Music, iCloud storage and products from Apple retail stores. If someone asks you to use it to pay for something else, it’s a sure bet they’re running a gift card scam, and the swindlers are using the number you just gave them to buy a sweet new phone or computer for themselves.

How to spot an Apple phishing email and other scams

RD.com, Getty Images (2)

Scammers are becoming increasingly sophisticated in the art of making emails, texts and other communications look like the real deal. “Being able to recognize an attack is key to protecting yourself against phishing,” says Kent-Payne. Here are some red flags that point to a scam:

Spoofed address

Hover over the sender’s name in your inbox to see the full email address. If the message claims to be from Apple but the address is off by a letter or two—or worse, is just a bunch of random letters and numbers—it’s probably a phishing attempt.

Suspicious links

Check the URL of any link sent in a text or email before clicking on it. “Scammers will often try to disguise the true destination of a link by changing its display address to something simple, like ‘click here’ or ‘sign in,'” says Kent-Payne. “This makes it much harder for the victim to know they’re being taken to a malicious website.”

On iOS devices, however, you can preview the true destination, he says:

• On an iPhone: Tap and hold the link, and a pop-up will appear, showing you the full URL.
• On a Mac: Hover your cursor over a link, and you’ll see the full URL at the bottom of the browser or in a pop-up in the email.

“If the message claims to be from Apple but the link URL appears to have nothing to do with Apple, that’s a pretty good sign it is a scam,” Kent-Payne says.

Vague greeting

Reputable companies will usually address you by your full name, says Kent-Payne. Scammers will use something more generic, like “dear friend.”

Obvious typos

Reputable companies take pains to ensure their communication is clear, accurate and precise. Someone out to scam you may send a typo-ridden email, so be on the lookout for misspellings, grammar mistakes and typos.

A sense of urgency

Phishing scams often create a false sense of urgency or rely on emotional manipulation to get you to act quickly.

How to identify a real Apple email

Unlike Apple phishing emails, legitimate messages sent from Apple will never ask you to disclose your Apple ID password, Social Security number, your mother’s maiden name, your full credit card number or your credit or debit card’s CCV security code.

“Genuine purchase receipts—from purchases in the App Store, iTunes Store, iBooks Store or Apple Music—include your current billing address, which scammers are unlikely to have,” says Apple. You can also check your purchase history from any device without clicking on links in suspicious emails.

How to protect yourself from Apple phishing scams

The best way to avoid becoming the victim of a phishing attack is to never click on a link or attachment within an unsolicited email or text message.

The same holds true for phone calls. Apple and other companies will never call you out of the blue to discuss your device’s security. Don’t accept these calls or click on hyperlinked phone numbers within messages.

If you have a concern about your device, visit Apple’s official website for information on whether your device or account truly has been compromised and what to do if it has. Don’t call the Apple number in your contacts if you think you’ve been scammed; a scammer’s spoofed number can appear there, as if it’s from Apple.

Kent-Payne suggests using Apple’s Message Filtering feature (found in Settings) as well. It separates out any texts you receive from people who are not in your contacts and sends them to the “unknown senders” tab in your Messages list. If you use filtering in conjunction with a good security app, the app can alert you when you receive a phishing message, Kent-Payne says.

In addition to ignoring unsolicited communication, Kent-Payne suggests enabling two-factor authentication (2FA) for any important accounts, including your Apple ID, email, social media and banking. This makes it harder for hackers to gain access, even if they know your password.

He also recommends using Apple’s Advanced Data Protection, a feature that enhances the security of data stored in your Apple account by encrypting data synced with iCloud. (You can turn it on in your iPhone’s Settings and your Mac’s System Settings.) “This helps combat phishing, as only trusted devices are able to decrypt data downloaded from iCloud,” Kent-Payne says. “This means that even if a hacker works out your Apple ID password or 2FA code via a phishing attack, they still won’t be able to access data from iCloud.”

And be sure to adhere to the following best practices:

• Never share your Apple ID password with anyone, including someone who says they’re from Apple.
• Keep your operating system updated to the latest version.
• Keep your browsers updated. Consider using a browser like Chrome, which has built-in phishing protections.
• Use antivirus and antimalware programs on your devices.
• Always check the URL of any website into which you’ll be entering sensitive information. It should always start with “HTTPS” (the s stands for “secure”).
• Don’t reuse the same password on multiple sites. That just makes it easier for hackers. A password manager can help you keep track of strong, unique passwords.

What should you do if you receive an Apple phishing attempt?

rd.com, Getty Images

In most cases, you can safely close and ignore the email, text or pop-up, or hang up on the caller. Whatever you do, don’t click on any links or provide any personal information to the scammer. You should, however, report the attempt to the appropriate parties.

How to report Apple phishing scams

See something suspicious? Here’s what the experts advise doing:

• If you receive an Apple phishing email, forward it to [email protected].
• If you receive a suspicious text message that’s supposed to look like it came from Apple, take a screenshot of it and send it to the same address.
• If you receive a suspicious text in the Message app, you should see an option under the message to “Report Junk.” If the option doesn’t appear, you can still block the sender.
• If you get a fake tech-support phone call, you can report it to your local police department and to the Federal Trade Commission.
• If you accidentally click on a suspicious link, don’t panic. As long as you don’t supply any information on a linked webpage, you should be OK.

What to do if you already clicked

Did you enter personal information? Deep breaths.

Immediately change your Apple ID password and enable two-factor authentication. Then review all the security information in your account to make sure it’s still accurate. You’ll want to check your name, your primary Apple ID email address and any other rescue emails or phone numbers.

While you’re there, update your security questions and answers. Also check to see where your Apple ID is being used. You can find that information by going to Settings and clicking on your name. If you see a device you don’t recognize, you can remove it from the list.

Why trust us

Reader’s Digest has published hundreds of articles on personal technology, arming readers with the knowledge to protect themselves against cybersecurity threats and internet scams as well as revealing the best tips, tricks and shortcuts for computers, cellphones, apps, texting, social media and more. For this piece, Laurie Budgar tapped her experience as a longtime reporter who’s written about technology, and then Michael Sherwood, vice president of product at antimalware company Malwarebytes, gave it a rigorous review to ensure that all information is accurate and offers the best possible advice to readers. We rely on credentialed experts with personal experience and know-how as well as primary sources including tech companies, professional organizations and academic institutions. We verify all facts and data and revisit them over time to ensure they remain accurate and up to date. Read more about our team, our contributors and our editorial policies.

Sources:

• Russell Kent-Payne, director and co-founder of Certo Software
• Robert Siciliano, CEO of Protect Now Cyber Security Training and Solutions
• FBI: “Internet Crime Report 2023”
• Apple: “Recognize and avoid phishing messages, phony support calls, and other scams”
• Apple: “If you think your Apple ID has been compromised”
• Apple: “About Gift Card Scams”
• Apple: “Identify legitimate emails from the App Store or iTunes store”
• Check Point: “Microsoft Returns to the Top Spot as the Most Imitated Brand in Phishing Attacks for Q4 2023″
• Kim Komando: “Use an iPhone or Mac? Don’t fall for this iCloud email promising free storage”
• Mac Rumors: “Apple now has more than 2.2 billion active devices worldwide”
• Business Insider: “There’s a new scam targeting iPhone owners with a barrage of notifications”

rd.com, Getty Images

The Most Commonly Used Passwords

rd.com, Getty Images

How to Avoid Cash App Scams

Dean Drobot/Shutterstock

Scam Texts to Delete Immediately