Beware Of This Alarming Apple ID Scam Targeting Billions Of iPhone Owners

by · HotHardware

Apple, like many other big tech companies, goes to great lengths to protect your personal data from internet ne'er-do-wells. However, even the most powerful security features are useless in the face of determined human ignorance. There's a new Apple ID phishing scam going around, and if you think you're too smart to be tricked, that's probably what plenty of people who fell for it thought too.

The new spate of Apple phishing emails have been showing up in email inboxes around the world. These messages have all the hallmarks of phishing scams, but they look official at first glance. Most of the emails claim you have to take action for some reason or another, which leads to getting stuck in the attackers web of lies until you've lost control of your personal data.

The latest Apple phishing campaign might be hitting harder because of the urgent messaging, reports Tom's Guide. "Apple ID is Suspended," reads the subject line. The message informs targets their Apple accounts could be permanently lost in 24 hours if they do not log in and confirm their identities. The emails are reportedly being crafted by AI, so they don't have all the usual spelling and grammatical errors associated with older phishing campaigns.

There are still some hints these messages are inauthentic. For example, the emails don't come from Apple. Yes, that should be obvious, but people often neglect to look at the actual email address rather than the sender's supposed name. These messages come from an "@uaepass.ae" address, which is a United Arab Emirates domain.

The emails include a link to confirm your Apple ID, but the linked website is under the attacker's control. Entering your login details here will simply deliver your account into the scammers' hands. Remaining vigilant is the best way for the world's 2 billion Apple users to stay safe online. Be wary of clicking links in emails that arrive out of the blue—go to Apple's website directly to log into your account if you need to verify. Activating two-factor logins is also a smart move.