Scammers are getting more sophisticated. Learn what to look for so you don't fall prey to Apple ID phishing scams.

How to Identify and Avoid Apple ID Phishing Scams

It’s the end of a long day, and you open your email one last time. There, waiting at the top of your inbox, is a message from Apple asking you to confirm a purchase. The kids must have downloaded an app, you might think as you click on the link in the email to find out what they bought. Unfortunately, you may have just become the latest victim of an Apple ID phishing scam.
What is phishing? It’s a type of scam. Hackers use emails, text messages or phone calls that look like they come from legitimate companies (but actually don’t) to try to trick you into disclosing passwords and other sensitive information.
It’s surprisingly easy to fall prey to phishing schemes, which have quickly become the most common type of online scam. We spoke to cybersecurity experts Russell Kent-Payne, director and co-founder of Certo Software, and Robert Siciliano, CEO of Protect Now Cyber Security Training and Solutions, to learn more about the most common Apple ID phishing scams. Below, we share their advice on avoiding these schemes and protecting yourself if you think you may be a victim, along with other essential tech tips.
What is an Apple ID phishing scam?
An Apple email phishing scam specifically targets people who use Apple products, like iPhones, iPads, Apple Watches and Mac computers. You may receive an email that appears to be from Apple—perhaps from the App Store, your Apple Pay account or some other area of the Apple ecosystem.
The email will generally try to entice you to click on a link for a legitimate-sounding purpose. For instance, it might say there’s a problem with your account and instruct you to click a link to remedy the situation. Often, scammers create a sense of urgency, says Kent-Payne, “so that their victims react quickly to the message and are then less likely to spot that it’s a fake.”
Scammers are becoming more and more sophisticated, especially now that artificial intelligence (AI) is so widely used. Siciliano says AI makes scam emails look authentic, so you may be convinced by a seemingly official-looking Apple phishing email—even though it isn’t real at all.
If you do click on a link in the email, you will be directed to a website that looks like the real deal but is actually a phony created by hackers through spoofing. That website might ask you to enter personal data like your Apple ID and password, which the hackers then steal.
Why would someone phish for your Apple ID?
Your Apple account contains sensitive information, such as your email addresses and phone numbers, payment and security information, and answers to security questions.
You need your Apple ID and password to use services like the App Store, the Messages app, Apple Music, iCloud and FaceTime. If hackers ascertain your ID and password, they can:
- Access your iCloud email and any other email accounts linked to your Apple ID—and even request password resets for them, potentially locking you out
- Buy music, movies, books, apps, subscriptions and more
- View (and potentially sell or distribute to others) sensitive photos or documents that you’ve backed up in iCloud
- Steal money by accessing your digital wallet
How common is phishing?
In 2023, the FBI’s Internet Crime Complaint Center received nearly 300,000 phishing complaints. What’s worse, people who fell for these scams lost a total of almost $19 million.
Apple may be one of the most secure companies globally, but it’s also among the top five most impersonated brands in phishing attacks. “It doesn’t matter how ‘secure’ the target brand is,” Siciliano says. “What matters is that hundreds of millions of people use these products and services and rely on them every day.”
In fact, more than 2.2 billion Apple devices are currently in use, so scammers can make lots of money through Apple ID phishing scams.
What major Apple ID phishing scams should you be aware of?
Hackers are always devising new scams and reengineering old ones. Identifying fake Apple emails begins with recognizing common cons, like the popular Apple ID phishing scams below.
Storage limit alert scam
This scam, which began in 2023, occurs when you receive an email, allegedly from Apple, stating that your iCloud storage is full (or nearly full) but that you can receive an additional 50 GB of storage for free by clicking on a link. You guessed it: The link takes you to a malicious site that steals your info.
Apple or iCloud support scam
In this scam, users receive a phone call—or often several calls in a row—from what appears to be the real Apple support phone number. Instead, the number has been spoofed. If you answer the call, the scammer claims to be from Apple and says your Apple ID or iCloud account has been compromised. To fix things for you, they say, they’ll need your password or other sensitive information.
Sometimes, rather than speaking with you directly, scammers will leave an automated voice message directing you to call a specific number for “Apple support.” If you call the number, everything sounds legitimate, including updates telling you the anticipated hold time. When you finally connect with “support staff,” they will ask you for compromising information.
There’s also the possibility that it’s not a real human. Deepfake audio can make it sound like you’re talking to “real people in positions of authority,” says Siciliano. AI technology “now has the ability to not only make the phone call but to address you by your name, respond to your questions and influence your decision-making in such a way to convince you that Apple support is really calling you.”
For the record, Apple will never call you to notify you of suspicious activity. In fact, Apple won’t call you for any reason—unless you request a call first.
MetaMask Apple ID scam
Cryptocurrency and NFTs are growing in popularity, and scammers are capitalizing on that. They target a popular crypto digital wallet, MetaMask, which generally backs up to iCloud—a helpful security measure if your device is ever lost or stolen, Kent-Payne says.
Scammers initiate this con once they have the email address associated with your Apple ID. They will make multiple password-reset requests, and you’ll receive text alerts on your phone each time, sparking concern that your account is compromised.
Next, says Kent-Payne, in a manner similar to the support scam, you receive a seemingly legitimate phone call from Apple warning you about suspicious activity on your account. Since this jibes with the activity you’ve been seeing, it’s easy to believe the call is legitimate. With you on the line, the scammer will ask you to reset your password, this time sending a six-digit verification code to your phone and asking you for it.
It all happens under the guise of verifying your identity. But in reality, the scammer will reset your Apple ID password and gain access to everything stored in iCloud. Once that happens, they can enter your MetaMask wallet and steal your cryptocurrency.
Password-reset scam
This scam, which started in the spring of 2024, is similar to the Apple support scam. You get a string of alerts on various Apple devices advising you to reset your password. They create a sense of panic and urgency—you’ll be under the impression that you can’t use any of your linked devices until you dismiss all the notifications. The alerts don’t actually harm the device, though.
Next, you receive a spoofed phone call that seems to come from Apple. The caller will tell you that your device is under attack and that you need to provide security information to disable your phone. But if you do that, you give the scammers everything they need to access your account.
Apple has said that users should dismiss these notifications (without tapping on them) and not answer subsequent phone calls.
Apple ID order receipt scam
In this phishing scam, you’ll receive a seemingly genuine Apple email stating that your ID has been used to make a purchase. These emails generally have an attached PDF receipt as “proof.” The email will either ask you to confirm the purchase or submit a payment for it. In either instance, you’ll typically see links that, if clicked, will take you to a fake Apple account management page that attempts to trick you into giving up your Apple ID and password.
Apple ID locked scam
This scam often works in tandem with the fake-receipt scam. If you follow a spoofed email to a fake Apple page and enter your information, you may see a notification telling you that your account has been locked due to suspicious activity.
You’ll see an “unlock” button, which requires you to reveal personally identifying information, such as your name, Social Security number, payment information and answers to common security questions.
Sometimes, this scam will arrive via a Messages app alert that states your Apple ID has been locked because your ID is about to expire. The message might ask you to complete a form to unlock your account. This, of course, gives the hackers access to sensitive info.
It’s true that Apple sometimes locks IDs if the company suspects fraudulent activity, but you can unlock your Apple ID by placing a phone call directly to Apple. “Don’t ever respond to emails making these requests,” Siciliano says.
It’s worth noting, Kent-Payne adds, that Apple IDs don’t expire.
iPhone locked scam
If hackers have already gained access to your iCloud account, they can activate the Find My feature and place your device in “lost” mode, which locks it remotely. You’ll see a pop-up message on your phone saying that it will remain locked until you pay a fee.
What are other types of Apple phishing scams?
Preventing Apple ID fraud is important, but scammers have even more tricks up their sleeves. The scams below don’t deal with your Apple ID, but they do pretend to come from Apple.
Apple Pay suspended scam
In this con, people who use Apple Pay in their digital wallets may receive a text message on their phones warning that “Apple Pay has been suspended on your device.”
The message has a link, which you can click to allegedly resolve the problem. If you tap the link, you’ll land on a page that looks legitimate, with a message stating something like, “Apple Pay was suspended on your device. You can continue to make contactless purchases once you have reactivated your wallet.”
It’s easy to see why someone would click—but don’t! You’ll give sensitive or financial information. In fact, hackers have stolen users’ identities and emptied their bank accounts with this method.
Apple gift card scam
Similar to the Apple support scam, the Apple gift card scam starts with a phone call. The scammer urgently insists that you must make a payment—for a utility bill, taxes, hospital bill, debt collection, even bail money. They ask you to purchase an Apple gift card (sometimes with thousands of dollars loaded onto it) at your nearest electronics store, supermarket or convenience store and use it to pay the bill by sharing the code on the back of the card with them.
The catch: You can use Apple gift cards to purchase only goods and services from Apple—things like subscriptions to Apple Music, iCloud storage and products from Apple retail stores. If someone asks you to use it to pay for something else, it’s a sure bet they’re running a gift card scam, and the swindlers are using the number you just gave them to buy a sweet new phone or computer for themselves.
How can you spot Apple ID phishing scams?
Scammers are learning how to make emails, texts and other communications appear as though they are from real companies, which is why it’s so crucial to know how to spot phishing emails related to your Apple ID. “Being able to recognize an attack is key to protecting yourself against phishing,” says Kent-Payne. Here are some red flags that point to a scam:
Spoofed address
Hover over the sender’s name in your inbox to see the full email address. If the message claims to be from Apple but the address is off by a letter or two—or worse, is just a bunch of random letters and numbers—it’s a phishing attempt.
Suspicious links
Check the URL of any link sent in a text or email before clicking on it. “Scammers will often try to disguise the true destination of a link by changing its display address to something simple, like ‘click here’ or ‘sign in,’” says Kent-Payne. “This makes it much harder for the victim to know they’re being taken to a malicious website.”
On Apple devices, however, you can preview the true destination, he says:
- On an iPhone: Tap and hold the link, and a pop-up will appear, showing you the full URL.
- On a Mac: Hover your cursor over a link, and you’ll see the full URL at the bottom of the browser or in a pop-up in the email.
“If the message claims to be from Apple but the link URL appears to have nothing to do with Apple, that’s a pretty good sign it is a scam,” Kent-Payne says.
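The sender check from “Spoofed address” and the link check from “Suspicious links,” automated for a raw message, as an added example that is not part of the original article. The trusted-domain list, the brand names, the function names and the sample email are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = ("apple.com", "icloud.com")  # assumption: domains treated as genuine
BRANDS = ("apple", "icloud")           # assumption: names a scammer imitates

def edit_distance(a, b):  # Levenshtein distance: catches "off by a letter or two"
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_host(host):
    """Return 'trusted', 'lookalike' or 'unrelated' for a sender or link host."""
    host = host.lower().rstrip(".")
    if any(host == d or host.endswith("." + d) for d in TRUSTED):
        return "trusted"
    # Heuristic only: a near-miss label, or a brand name buried in another domain.
    for label in host.split("."):
        if any(b in label or edit_distance(label, b) <= 2 for b in BRANDS):
            return "lookalike"
    return "unrelated"

class LinkCollector(HTMLParser):  # gathers (display text, href) pairs from HTML
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def audit(raw_email):
    """Return (kind, shown_as, real_host, verdict) for each untrusted sender or link."""
    msg = message_from_string(raw_email)
    shown, addr = parseaddr(msg.get("From", ""))
    found = [("sender", shown, addr.rpartition("@")[2])]
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    found += [("link", text, urlsplit(href).hostname or "") for text, href in collector.links]
    return [(k, s, h, classify_host(h)) for k, s, h in found if classify_host(h) != "trusted"]

# Constructed sample message (not a real phishing email); .example is a reserved TLD.
SAMPLE = """\
From: Apple Support <no-reply@app1e.example>
Content-Type: text/html

<a href="https://appleid.apple.com.account-verify.example/login">Sign in</a>
<a href="https://support.apple.com/billing">Billing help</a>
"""

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

Both the friendly sender name and the “Sign in” link text are reported next to the host they really resolve to, which is the comparison the hover and tap-and-hold previews let you make by eye.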
Vague greeting
Reputable companies will usually address you by your full name, says Kent-Payne. Scammers will use something more generic, like “dear friend.”
Obvious typos
Reputable companies make sure their communication is professional. Scammers usually send typo-ridden emails, so look out for misspellings, grammar mistakes and typos. But be aware: With the rise of AI, scammers are getting better at sending grammatically correct emails with perfect spelling, so this isn’t a foolproof sign.
A sense of urgency
Phishing scams often create a false sense of urgency or rely on emotional manipulation to get you to act quickly.
How to identify a real Apple email
Unlike Apple phishing emails, legitimate messages sent from Apple will never ask you to disclose your Apple ID password, Social Security number, your mother’s maiden name, your full credit card number or your credit or debit card’s CCV security code.
“Genuine purchase receipts—from purchases in the App Store, iTunes Store, iBooks Store or Apple Music—include your current billing address, which scammers are unlikely to have,” says Apple. You can also check your purchase history from any device without clicking on links in suspicious emails.
How to protect yourself from Apple phishing scams
The best way to avoid becoming the victim of a phishing attack is to never click on a link or attachment within an unsolicited email or text message. The same applies to phone calls. Apple and other companies will never call you to discuss your device’s security. Don’t accept these calls or click on hyperlinked phone numbers within messages.
If you have a concern about your device, visit Apple’s official website for information on whether your device or account truly has been compromised and what to do if it has. Don’t call the Apple number in your contacts if you think you’ve been scammed; a scammer’s spoofed number can appear there, as if it’s from Apple.
Kent-Payne suggests using Apple’s Message Filtering feature (found in Settings) as well. It separates out any texts you receive from people who are not in your contacts and sends them to the “unknown senders” tab in your Messages list. If you use filtering in conjunction with a good security app, the app can alert you when you receive a phishing message, Kent-Payne says.
In addition to ignoring unsolicited communication, Kent-Payne suggests enabling two-factor authentication (2FA) for any important accounts, including your Apple ID, email, social media and banking. This makes it harder for hackers to gain access, even if they know your password.
He also recommends using Apple’s Advanced Data Protection, a feature that enhances the security of data stored in your Apple account by encrypting data synced with iCloud. (You can turn it on in your iPhone’s Settings and your Mac’s System Settings.) “This helps combat phishing, as only trusted devices are able to decrypt data downloaded from iCloud,” Kent-Payne says. “This means that even if a hacker works out your Apple ID password or 2FA code via a phishing attack, they still won’t be able to access data from iCloud.”
Apple ID best practices
- Never share your Apple ID password with anyone, including someone who says they’re from Apple.
- Keep your operating system updated to the latest version.
- Keep your browsers updated. Consider using a browser like Chrome, which has built-in phishing protections.
- Use antivirus and antimalware programs on your devices.
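- Always check the URL of any website into which you’ll be entering sensitive information. It should always start with “HTTPS” (the s stands for “secure”). HTTPS only means the connection is encrypted, and scam sites can use it too, so also confirm that the domain name itself belongs to Apple.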
- Don’t reuse the same password on multiple sites. That makes it easier for hackers. A password manager can help you keep track of strong, unique passwords.
What should you do if you receive an Apple phishing attempt?
Just close and ignore the email, text or pop-up, or hang up on the caller. Better still, delete emails and texts, close pop-ups and don’t answer unsolicited phone calls. Whatever you do, don’t click on any links or provide any personal information to the scammer. You should, however, report the attempt to the appropriate parties.
How to report Apple phishing scams
See something suspicious? Here’s what the experts advise doing:
- If you receive an Apple phishing email, forward it to [email protected].
- If you receive a suspicious text message that looks like it came from Apple, take a screenshot of it and send it to [email protected].
- If you receive a suspicious text in the Messages app, click on the option under the message to “Report Junk and delete.” If the option doesn’t appear, you can still block the sender.
- If you get a fake tech-support phone call, you can report it to your local police department and to the Federal Trade Commission.
- If you accidentally click on a suspicious link, don’t panic. As long as you don’t supply any information on a linked webpage, you should be OK.
What to do if you already clicked
Did you enter personal information? Deep breaths.
Immediately change your Apple ID password and enable two-factor authentication. Then review all the security information in your account to make sure it’s still accurate. You’ll want to check your name, your primary Apple ID email address and any other rescue emails or phone numbers.
While you’re there, update your security questions and answers. Also check to see where your Apple ID is being used. You can find that information by going to Settings and clicking on your name. If you see a device you don’t recognize, you can remove it from the list.
FAQs
Why did I get a notification that someone is trying to use my Apple ID?
You likely received that notification because someone attempted to log in to your account from an unfamiliar location. Click “Don’t Allow” to block the scammer’s attempt to log in to your account.
What does a fake Apple security alert look like?
Scam Apple security alerts may appear as pop-up windows in your browser, emails or text messages, or notifications on your phone. They often claim that your browser has been infected with a virus, your Apple account has been hacked or your account is about to be locked—and they’ll urge you to act immediately. Notifications that claim someone is trying to access your Apple ID will include a map that notes where the log-in attempt is happening.
Can you tell if your Apple ID has been hacked?
There are some signs that your Apple ID has been hacked: You may be locked out of your Apple account, receive requests for two-factor authentication codes, find your device in Lost Mode or see unfamiliar charges to your Apple account on your bank statement. You might also notice strange activity—new messages you’re sure you never sent, changes to your account or new (and unfamiliar) devices linked to your account.
Why trust us
Reader’s Digest has published hundreds of articles on personal technology, arming readers with the knowledge to protect themselves against cybersecurity threats and internet scams as well as revealing the best tips, tricks and shortcuts for computers, cellphones, apps, texting, social media and more. For this piece, Laurie Budgar tapped her experience as a longtime reporter who’s written about technology, and then Michael Sherwood, vice president of product at antimalware company Malwarebytes, gave it a rigorous review to ensure that all information is accurate and offers the best possible advice to readers. We rely on credentialed experts with personal experience and know-how as well as primary sources including tech companies, professional organizations and academic institutions. We verify all facts and data and revisit them over time to ensure they remain accurate and up to date.
Sources:
- Russell Kent-Payne, director and co-founder of Certo Software
- Robert Siciliano, CEO of Protect Now Cyber Security Training and Solutions
- FBI: “Internet Crime Report 2023”
- Apple: “Recognize and avoid phishing messages, phony support calls, and other scams”
- Apple: “If you think your Apple Account has been compromised”
- Apple: “About Gift Card Scams”
- Apple: “Identify legitimate emails from the App Store or iTunes store”
- Apple: “Recognize and avoid social engineering schemes, including phishing messages, phony support calls, and other scams”
- Apple: “Reject unknown sign-in attempts”
- Check Point: “Microsoft Returns to the Top Spot as the Most Imitated Brand in Phishing Attacks for Q4 2023”
- Kim Komando: “Use an iPhone or Mac? Don’t fall for this iCloud email promising free storage”
- Mac Rumors: “Apple now has more than 2.2 billion active devices worldwide”
- Business Insider: “There’s a new scam targeting iPhone owners with a barrage of notifications”
- Malwarebytes: “‘Your Mailbox Has Exceeded the Storage Limit’ Phish”
- Fox News: “Don’t get caught in the ‘Apple ID suspended’ scam”