I wouldn’t be the first person to receive this type of email and no doubt I won’t be the last.
The email, claiming to be from Apple Support, informs you that“your Apple ID has been locked for security reasons”. The email then requests that you verify your account information by clicking a link to your account.
- However, the email is not from Apple Support and your Apple ID has not been locked.
- The email is a phishing SCAM designed to steal your information and gain access to your account.
The link will direct you to a fraudulent website. The site contains the Apple logo, graphics and formatting to make it look like the real Apple website. There, you’ll be asked to log in using your Apple ID and password.
In a previous article titled How to Stop SPAM Email, we discussed how to recognise SPAM email in your Inbox. This particular email is no different.
Warning Signs are numerous in this one!
- Sender information -> firstname.lastname@example.org -> Seriously, that’s clearly dodgy?
- Language & grammar – Say no more…
Please confirm your information Confirmation of your Apple ID and your Billing Information
gives you easy access to a variety of Apple services.
- The link to your apparent account -> https://www.apple.com/account-update/ -> This page doesn’t actually exist.
However, if you hover your mouse over the link, you will see -> http://tiny.cc/z11a3y
This is quite clever as most people won’t realise that TINY is in fact a legitimate URL shortening service.
The link, however, goes through no less than 10 redirects before you finally land on the fraudulent webpage ->
I’d want to shorten it too, that’s real dodgy looking…
- Finally theres the webpage itself. To the untrained and/or casual eye it may seem legitimate.
However, a quick tour reveals that none of the navigation menu items work; neither do any of the other buttons / links on the page.
The only section that works is the form designed to capture your Apple ID and Password!
On humouring the scammers, you’ll be taken to another fraudulent webpage -> Here you’ll be asked to verify that you wish to be scammed.
Followed by a request to re-enter your financial information!
What could possibly go wrong, right?
On a more serious note, companies like Apple will simply never ask you for this type of personal information.
So, if you do receive emails such as this, suspicious pop-up ads, text messages or even unsolicited phone calls, our advice is to simply ignore them.
Protect Your Apple ID
If you believe that your Apple ID has been compromised, change your password immediately.
Report Phishing / Suspicious Messages to Apple
To report a suspicious email, forward the message to Apple with complete header information. To forward the email: In macOS Mail, select the email and choose Forward As Attachment from the Message menu at the top of your computer screen.
These email addresses are monitored by Apple –
- If you receive what you believe to be a phishing email that’s designed to look like it’s from Apple, send it to email@example.com.
- To report spam or other suspicious emails that you receive in your iCloud.com, me.com, or mac.com Inbox, send them to firstname.lastname@example.org.
- To report spam or other suspicious messages that you receive through iMessage, tap Report Junk under the message.
Found yourself the victim of a scam such as this and/or would like some further information on how to protect your online interests, just drop us a line.