With Black Friday almost upon us, it’s no wonder the scammers are out in force. While it may be a well-used phishing tactic, the cybercriminals behind the latest attack targeting all users of Apple devices have honed their craft into a highly believable warning that demands action: your Apple ID is suspended.
Your Apple ID Is Suspended Scam Explained
With more than 2 billion active users of Apple devices, be that an iPhone, iPod, MacBook or anything else that requires the use of an Apple ID, it’s not really surprising that this demographic is a prime target for cybercriminals, especially as the cost of being within the Apple ecosystem makes them a broadly affluent group. We’ve already seen scams sent to iPhone users claiming that their iCloud storage capacity is nearly full and, of course, offering an upgrade to anyone foolish enough to click the take action button. Now a similar, but more urgent, threat is being used as people want to flex their spending power during the Black Friday sales.
Increasingly composed by AI-driven implementations of criminal large language models, these fake emails are often extremely close to the real thing in appearance and tone, if not intent. Like other AI-powered support scams, these highly convincing frauds are designed with one thing in mind: getting the recipient to click on an action button that takes them somewhere that can steal their account credentials. Be warned that the hook will be just as convincing as the bait in most cases, sometimes complete with 2FA-bypass methodologies built into the attack.
In order to leverage as much fear as possible, the email will likely claim that Apple has noticed suspicious activity on your account, or that it has been outright hacked, and so requires further action from you to protect it.
“Phishing scams like the Apple ID Suspended scheme are becoming increasingly prolific and under immediate urgency,” Jake Moore, a former digital crimes law enforcement officer and now global cybersecurity advisor at ESET, said, “many people are still manipulated by the clever tactics used by criminal hackers.”
Apple Offers Scam Protection Advice For All Users
“If you’re suspicious about an unexpected message, call, or request for personal information, such as your email address, phone number, password, security code, or money,” Apple said, “it’s safer to presume that it’s a scam.”
Apple gives the following advice for users to identify a phishing attack:
- Scammers often mention personal information about you in an attempt to build trust and seem legitimate.
- Scammers will often convey a desire to help you resolve an immediate problem.
- Scammers usually create a strong sense of urgency to avoid giving you time to think and to dissuade you from contacting Apple yourself, directly.
- Scammers will request your account information or security codes.
“Apple will never ask you to log in to any website, or to tap Accept in the two-factor authentication dialog, or to provide your password, device passcode, or two-factor authentication code or to enter it into any website,” Apple said.
“It is important to verify the sender’s email address for any discrepancies and avoid clicking on suspicious links as this is where scams often begin,” Moore concluded, “if you are ever in doubt of an Apple ID issue, go directly to the official Apple website to double check.”