How To Avoid Apple Phishing Emails (Apple ID Scams)

Apple phishing emails are getting more sophisticated — and harder to identify. Learn how to protect your Apple account from hackers and scammers.

Contributor at Aura

Irina Maltseva is a growth marketer with 10+ years of experience in digital marketing. After being scammed by Airbnb and Booking.com, Irina joined Aura to help the company on its mission to create a safer internet for everyone.

Aura Cybersecurity Editor

Jory MacKay is a writer and award-winning editor with over a decade of experience for online and print publications. He has a bachelor's degree in journalism from the University of Victoria and a passion for helping people identify and avoid fraud.

Aura’s app keeps you safe from scams, fraud, and identity theft. Try Aura for free.

In this article:

In this article:

Aura’s digital security app keeps your family safe from scams, fraud, and identity theft.

Is Someone Trying To Hack Your Apple ID?

Apple is one of the most secure companies in the world — but scammers have still found ways to hack into your Apple ID and take over your account.

In one example, an Apple user on Reddit received a legitimate-looking email claiming that their Apple ID had been locked. But after clicking on the link and entering their iCloud account information, the user was asked for a credit card number to “prove their identity” [*].

At this point, the victim realized it was a scam — but the damage was done. Hackers had stolen their Apple ID and password using an Apple phishing email scam.

Apple ID attacks like this are on the rise. Account takeover fraud — in which scammers target your account login credentials — was up by a staggering 131% in the first half of 2022 [*].

According to the latest data from the Federal Trade Commission (FTC) [*]:

Apple is the second-most impersonated brand by scammers (next only to Amazon).

In this guide, we’ll show you what Apple phishing emails look like, how to tell if an Apple email is legitimate, and what to do if you’re targeted by one of the latest Apple scams.

What Is an Apple Phishing Email? Is It Dangerous?

In Apple phishing scams, scammers send emails designed to look like they’re from Apple (or other legitimate companies) in an attempt to steal your Apple ID or money.

The worst part is that these phishing attempts can appear to come from any part of the Apple ecosystem. For example, fraudsters might send fake receipts from the App Store or anxiety-inducing messages from Apple Support.

If you’re in a hurry, you might think this is a legitimate email. It looks like it’s from “Apple ID,” includes an Apple logo, and contains a link that looks like it’s leading to the official Apple ID website.

But upon closer inspection, there are some warning signs indicating that this is a scam:

• It doesn’t come from an official Apple.com email address. Instead, the scammers have changed their “from name” to look like it’s from Apple (or “Apple ID”). Always click on or hover over the sender’s name to reveal their actual email address.
• There are subtle spelling and grammatical errors. Legitimate emails from Apple will almost never contain mistakes. Grammatical errors like “required”( instead of “requires”), “an unusual activity,” and no comma after “Sincerely” are signs that the email is fraudulent.
• The link takes you to a different URL than what’s shown. Scammers often change the display of links to make them appear more legitimate. You can hover over a link to see where it’s taking you. If you click on a link and the website that loads is different from what is noted in the link, leave the site immediately.
• There’s no personalization. Usually, companies like Apple will greet you using your full name. Because they don’t have access to this information, scammers use generic greetings like “Dear friend” or “Dear valued customer.”
• It creates a sense of urgency by threatening to disable your Apple ID. Phishing scams try to use a false sense of urgency to make you act without thinking. Here, the scammer warns that there are only 24 hours to respond before the victim’s Apple ID is disabled.

The 5 Latest Apple Phishing Emails and Scams

1. Your Apple ID has been locked or suspended
2. Receipts for unrecognized App store charges
3. Apple Pay has suspended your device
4. Fake phone calls from Apple support
5. Password reset emails

Scammers are constantly finding new tactics to target their victims — from emails to phone calls and website pop-ups. Here are five of the most common phishing scams currently targeting Apple customers:

1. Your Apple ID has been locked or suspended

In this classic phishing scam, you receive an email, iMessage, or even social media message informing you that your Apple ID has been locked. This message might be accompanied by a fake receipt claiming that there’s been suspicious activity on your account.

If you click on the link, you’ll be taken to a site that asks for your personal information (like your Social Security number, bank account information, and name) to verify and unlock your account [*].

How to tell if it’s a scam (and what to do):

• Always log in to your Apple account directly. Never click on links in emails. Instead, log in to your Apple account on AppleID.apple.com — or via the Settings app on your iPhone or iPad, or through iTunes on your Mac. If there’s an issue, you’ll be alerted as soon as you log in. If you see nothing, it’s a scam.
• If you click on a link, make sure it takes you to an official Apple.com web page. Scammers often mask the true locations of links in phishing emails. Click on the padlock symbol near the URL on a browser like Chrome or Safari to make sure that it’s “Apple.com” and that the security certificate is issued to Apple.

2. Receipts for unrecognized App store charges

In this type of scam, you’ll receive an email from “Apple” that contains a receipt for a purchase that you didn’t make. The email will also contain a link to let you view, confirm, or cancel the order [*].

Again, scammers are trying to get you to click on a link to a phishing website by threatening you with a payment that you didn’t authorize.

How to tell if it’s a scam (and what to do):

• Check the sender’s email address. Official Apple email addresses end in “@email.apple.com.” Anything else is a scam. In this example, the email is from “@applestorepayment.com” — designed to trick you.
• Sign in to your account via official methods. Don’t use links in emails. Instead, log in using AppleID.apple.com on your web browser or directly via the Settings app on your iOS device. Once you’ve signed in, you can check your purchase history. Remember: Official Apple invoices won’t contain a hyperlink to cancel or manage your orders.

3. Apple Pay has suspended your device

Not all Apple phishing attacks occur over email. In this social engineering scam, fraudsters send a text message claiming there’s an issue with your Apple Pay account and it has been suspended.

The text includes a link to help you “reactivate” your account. But if you click on it, you’ll again be asked for your Apple ID credentials and other sensitive information, such as your credit card or bank account numbers.

How to tell if it’s a scam (and what to do):

• The link doesn’t send you to an Apple website. If a link leads anywhere other than to an official Apple web page, it’s a scam. Fraudsters attempt to make the link look as real as possible; so always sign in to your account through the official Apple website or Settings app.
• The number doesn’t appear to be from Apple. Text messages from Apple always display “Apple” as the sender’s number. If the message is from an unknown number, it’s a scam message. Also, don’t blindly trust your caller ID, as scammers can “spoof” their phone number to make it look like it’s coming from Apple.
• Never enter information on a website linked via an unsolicited text or email. Always contact Apple Support directly at support.apple.com/contact to find out whether there are any problems with your Apple Pay account.

4. Fake phone calls from Apple support

Nearly one in three Americans said they’d fallen victim to a phone scam in 2021 [*]. And cybercriminals are now pretending to be from Apple customer support to get people to share personal information.

In this scam, fraudsters leave a voicemail saying there’s been suspicious activity on your account. They leave a phone number to call so that you can resolve the “issue.”

When you call the number, the scammer acts like they’re verifying your identity and helping fix the issues with your account. During this process, they ask for your personal information and may claim that they need payment to reactivate your account. They may even direct you to a fake login page that steals your personal information.

How to tell if it’s a scam (and what to do):

• Hang up and call Apple directly. Scammers can use falsified caller IDs to make it look like they’re calling from Apple (or other familiar companies). If you receive an unsolicited call, hang up and call Apple directly via its customer support phone lines or other verified methods.
• Never provide personal information to unsolicited callers. Remember: Apple never calls its users by phone. Instead, Apple will send you an email if there are any issues with your account. If someone calls you claiming to be from Apple, hang up immediately.
• Don't pay for tech support. Some scammers will request upfront payment for technical support (in the form of Apple gift cards or via payment apps). Apple will never request upfront payment — especially using non-traditional payment methods.

5. Password reset emails that target your cryptocurrency wallets

MetaMask is a popular digital wallet for cryptocurrencies that can be backed up to iCloud. However, what began as a useful security feature (for when you lose your device) has become another target for scammers.

In this scam, fraudsters find your Apple ID and make multiple password reset requests on your account. As you’re receiving these warnings, they call you, claim to be from Apple Support, and ask for the six-digit reset code that you just received to “verify your identity.”

Once they have access to your Apple ID, the scammers sign in to your account, access your MetaMask wallet, and steal your cryptocurrency.

How to tell if it’s a scam (and what to do):

• “Apple Support” asks for your reset code. The biggest red flag in this scam is that the caller asks for your six-digit password reset code. Under no circumstances will Apple’s support team ever do this, so don’t fall victim. Never share your verification code with anyone.
• Disable iCloud backups for your MetaMask data. Your password-encrypted MetaMask vault and seed phrase are backed up to iCloud by default. To turn this off, head to Settings > Profile > iCloud > Manage Storage > Backups, and toggle off backups for MetaMask.

✅ Take action: Protect yourself from the worst consequences of online scams with Aura's $1 million insurance policy for eligible losses due to identity theft. Try Aura free for 14 days and secure your identity (and finances) against fraud.

What To Do If You Open (or Click on) an Apple Phishing Email

• Disconnect your device from the internet and back up your files. By clicking on a link in an email, you may have unknowingly downloaded malicious software that can spy on you or steal your information. By turning off the internet and backing up your files, you minimize the risk of further damage.
• Scan your device for viruses. If you’ve clicked on a link or downloaded an attachment from an email message, you should scan your computer immediately by using an antivirus. Aura offers a high-quality antivirusthat can quarantine and remove any viruses, malware, or spyware that might have been contained in the attachment.
• Secure your Apple account. Update your Apple password to a unique phrase that you haven’t used for any of your other accounts. Aura’s password manager can store your passwords securely so that you won’t forget them. You should also use two-factor authentication (2FA), as this adds another layer of security to your Apple ID.
• Report the scammer to Apple. If you receive a suspicious email or text, forward it to reportphishing@apple.com. For scam content received in Messages, tap Report Junk beneath the message. You can then block that phone number. This will help Apple identify fraudulent email addresses and warn other users about new scams.

• Submit a fraud report to the relevant agencies. If you fall victim to a scam or have your identity stolen, you should report the crime to your local law enforcement agency, the Federal Trade Commission (FTC), and the Internet Crime Complaint Center (IC3).
• Learn how to spot a fake email, pharming site, or fraudulent phone number. To avoid falling victim again, you should learn how to tell if an email is from a scammer. Likewise, memorize the signs of fake websites and how to avoid them.
• Check your credit report and bank statements for signs of fraud. If scammers gained access to your Apple ID, they might use the information they found to access your financial accounts. If you see suspicious activity, freeze your credit immediately and contact your financial institution.
• Consider signing up for identity theft protection. With Aura, you get #1-rated identity theft protection, proactive device security, and near real-time financial monitoring. To avoid falling victim to a phishing scam, consider signing up for Aura’s 14-day free trial.

How To Protect Your Apple ID Against Scammers

Your Apple ID is the key to your digital identity. Almost all Apple hacks occur because the victim fell for an email scam or didn’t secure their accounts adequately.

To stay safe online and protect yourself from scammers, here’s what you should do:

• Make sure you’re using the best cyber hygiene practices.
• Set up 2FA or multi-factor authentication (MFA) on all of your online accounts.
• Never click on links or download attachments from suspicious messages.
• Use an antivirus program to scan your devices for malicious software.
• Keep your Apple devices up to date in order to avoid the latest cybersecurity threats.
• Use Aura’s all-in-one digital security solution to protect your accounts and monitor for fraudulent activity.

Shop, browse, and work online safely with Aura. Start your 14-day free trial →

Editorial note: Our articles provide educational information for you to increase awareness about digital safety. Aura’s services may not provide the exact features we write about, nor may cover or protect against every type of crime, fraud, or threat discussed in our articles. Please review our Terms during enrollment or setup for more information. Remember that no one can prevent all identity theft or cybercrime.

Award-winning identity theft protection with AI-powered digital security tools, 24/7 White Glove support, and more. Try Aura for free.

Related Articles

The Dangers of Using Public Wi-Fi (and How To Stay Safe)

Public and unsecured Wi-Fi networks are convenient. But are they safe? Learn the 10 hidden dangers of unsecured and public Wi-Fi networks (and what to do).

What To Do If a Scammer Has Your Email Address

Your email address is a precious commodity for fraudsters. Here’s what you should do if a scammer has your email address to stay safe.

Try Aura—14 Days Free

Start your free trial today**

14 days FREE of All-In-One Protection

4.7 as of March 2024

14 days FREE of All-In-One Protection

4.7 as of March 2024

All rights reserved.

*The Identity Theft Insurance is underwritten and administered by American Bankers Insurance Company of Florida, an Assurant company. Please refer to the actual policies for terms, conditions, and exclusions of coverage. Coverage may not be available in all jurisdictions. Review the Summary of Benefits.

** Free trial offer can only be redeemed once per customer. Full access to plan features depends on identity verification and credit eligibility.

¹ The score you receive with Aura is provided for educational purposes to help you understand your credit. It is calculated using the information contained in your Equifax credit file. Lenders use many different credit scoring systems, and the score you receive with Aura is not the same score used by lenders to evaluate your credit.

² 60-day money back guarantee is only available for our annual plans purchased through our websites (excludes Amazon) or via our Customer Support team. You may cancel your membership online and request a refund within 60 days of your initial purchase date of an eligible Aura membership purchase by calling us at 1-833-552-2123.

If you signed up for Aura through a free trial, then your membership purchase date will be the date you signed up for your free trial, and you will have 60 days from the date you signed up for your free trial to cancel and request a refund. If you switched to a new annual plan within 60 days of your initial Aura annual subscription, you may still qualify for the Money Back Guarantee (based upon your initial annual plan purchase date).

³ As compared to the competition. Results based on a 2022 mystery shopper consumer study conducted by ath Power Consulting. ath Power Consulting was compensated by Aura to conduct this study.

⁴ Child members on the family plan will only have access to online account monitoring and social security number monitoring features. All adult members get all the listed benefits.

⁵ Ranked #1 by Security.Org and IdentityProtectionReview.com. They may be compensated as a marketing affiliate of Aura, but their ratings are all their own.

‡ Not all features use AI capabilities.

No one can prevent all identity theft or monitor all transactions effectively. Further, any testimonials on this website reflect experiences that are personal to those particular users, and may not necessarily be representative of all users of our products and/or services. We do not claim, and you should not assume, that all users will have the same experiences. Your individual results may vary.