How to Identify and Avoid Apple ID Phishing Scams

Lyndon Seitz
Dolores Bernal
December 5, 2023
Apple ID Scams

If you’re a MacOS user you know how important your Apple ID is.

It’s up there with Facebook, Google, and Amazon as an account that links to practically everything.

That makes an Apple ID account valuable to hackers, scammers, and others.

And while accessing Apple’s database or controlling such information is the cybercriminals’ Holy Grail, it’s thankfully tough to crack.

Scammers are relentless though, and they won’t stop until they access your Apple account, linked not only to your Mac but also to your iPhone and iPad, and take from it whatever they can use for their evil purposes (e.g., identity theft, extortion, etc.)

So what do you need to know about Apple ID scams, and what can you do? I’m here to guide you through that question, so keep reading.

What Are Apple ID Phishing Scams?

Apple ID Phishing Scam” is a catchall term for scams designed to get users to part with their Apple ID information.

The end goal is to crack the egg of an Apple ID account and get personal information and even financial account access inside the account. A scammer will then take what they can to use or sell.

They are extremely prevalent, especially in the United States, where Apple products are used commonly. Apple is the eleventh most impersonated brand in Phishing attacks, just after Amazon.

How Do Apple ID Phishing Scams Work?

It can depend on the variant of Apple ID scam used, but there are a few common threads amongst most of them:

  • The scammer sends the intended victim a message hoping to get them to click a link or input/respond with personal information, often directing them to fake websites that closely mimic official Apple pages.
  • The scammer is likely impersonating an otherwise trustworthy entity, such as a friend, Apple support, or automated systems related to Apple.
  • The scammer often includes a sense of urgency in the message.
  • The scams often involved unwanted or unwarranted actions on the part of the sending entity (unwanted calendar invites, entries to giveaways no one asked for).
  • With the stolen credentials, attackers can access the victim’s Apple ID account. This may allow them to make unauthorized purchases, access personal information, or misuse other services linked to the Apple ID.

Essentially, an Apple ID scam attempts to abuse your trust in Apple as a legitimate business by leading you to fake websites to steal your account information.

Who Perpetrates These Scams?

Scammers, of course.

While technically true, tautologies might not help you understand much. Scamming these days is more complex than some person behind a computer sending emails. For instance:

  • Most cybercrime perpetrated today is done by cybercriminal collectives, organized crime groups, etc., instead of lone-wolf hackers. They will have their own departments and everything.
  • Scammers work worldwide and often target people outside their own countries, if possible.
  • Scammers will have tools at their disposal to make their work more efficient. For them, it’s mostly about quantity and not quality. Someone will bite if a scammer sends out a million emails, right?

Remember that the landscape constantly changes, and scammers will adapt to the times like anyone else. The scammers of tomorrow might not look like the scammers of today.

Who Is a Target of Apple ID Fraud?

Anyone with an Apple ID account, which means hundreds of millions of people, are potential targets. 

However, there are a few groups that should be especially cautious:

  • The elderly are, unfortunately, often targeted by scammers. The median losses by the elderly to scams are higher (and increase with age). The majority of tech support scam reports are from elders. If you are in this group, please be careful. If you have an elderly parent with an Apple ID account, please teach them about Apple ID scams.
  • Those who use their Apple ID account as a primary account. People who use Apple services or Apple Mail are more likely to notice emails from “Apple” and expect email communications from them. 
  • Finally, some people simply aren’t technologically savvy or aware of scams. Many people choose Apple because it is easy to use, and that’s fantastic. However, these people might not know about the dangers online, which makes them more susceptible to scams.

How to Detect an Apple Phishing Email?

Not all scam or phishing messages are the same, but there are a few common signs to watch for:

  • Look at who it’s addressed to. Most official emails will address you by your name. A scam will more likely address you with something like  “Dear Sir/Madam.” 
  • Look at the sender. A scammer will not have an official email address, no matter what tricks the scammer uses to make the email look official. If the scammer does have such an address, Apple really needs to look into that.
  • Look for a sense of urgency designed to throw you off. Scammers want you to act, not think. Don’t do that.
  • It contains suspicious links. Examine the links carefully. Hover over them without clicking to see the actual page URL. Verify the authenticity by cross-referencing with official Apple and iCloud communications or checking your email security settings.
  • It’s asking for something abnormal, such as personal information that wouldn’t be needed or money that wouldn’t be required, especially concerning your Apple and iCloud accounts. Check your security settings to ensure your personal information is protected.
    • Bonus points if the money requested is to be processed through gift cards at some point.

These signs are not only true for Apple phishing email messages but most phishing emails in general. You’ll be much safer once you internalize and look out for them.

Apple ID

Common Apple ID Phishing Scams

  1. The Fake Support Contact
  2. Fake Order Receipts
  3. Verification or Suspicious Activity
  4. “Your Device Has Been Suspended”
  5. The MetaMask Apple ID scam

We talked about variants, and there are many, but what are some of the most common ones

1. The Fake Support Contact

Scammers have long been stealing the hats of customer and technical support professionals, besmirching the reputation of those esteemed individuals who have to deal with complaints all day.

A scammer will send an email, text message, or phone call stating that they are with Apple and they noticed something wrong with your account.

Then they’ll ask for details about the account and potentially personal information. This can later (or immediately) be used to commit identity theft or steal your account.

Alternatively, instead of telling them directly, they might want you to click on a link or provide details on a certain web page. This leads to malware or identity theft.

Defense: Never give customer support sensitive information. They don’t need your social security information, or credit card number and will not ask you for your login information (perhaps your username/email, but not your Apple ID password and additional verification measures).

If Apple support is reaching out to you and you’re wary (perhaps something seems suspicious), don’t respond and reach out to them on their official lines.

2. Fake Order Receipts

An Apple ID scam might come in the form of a fake invoice, receipt, or order email, saying that further action on your part is required.

That action is sending money or providing personal information.  

If the scammers want to try something slightly different (but still tried millions of times), they might say you’re due a refund or a free product if you confirm something with them. Nothing free is coming your way, though I suppose you don’t need to purchase identity theft.

Defense: Ignore and delete the email if you didn’t buy something. You can always check your bank account/credit card statements for whether you purchased something, and Apple services also have order histories. Check the sender’s email address and the details of the email to see if it’s a scam, and don’t respond regardless.

Again, reach out through official channels not listed in the email if you’re concerned.

3. Verification or Suspicious Activity

You might get an email about your Apple ID account stating that your account has been compromised, suspicious activity has been reported, verification is needed to continue with the account, etc.

It will say (in some variation), “To fix the account, please input this information or click on the links attached to this email/message”.

The email itself is suspicious activity.

Note this as a variation of a tech support scam, and treat it accordingly.

Defense: Before anything else, understand where the message is coming from and look more closely at the contents of the message. Don’t let a sense of urgency trick you.

If you received an email requesting verification of an account sign-in and didn’t request it, delete the email and immediately take steps to protect your account further.

4. “Your Device Has Been Suspended”

One common scam involves an eye-catching headline or initial text message saying that your device or account has been suspended and isn’t available for further use.

Then to restore access to your account or device, please click on the link or input the following information.

If you look past the bells and whistles, this one is transparent. It hopes to shock you into doing something immediately when nothing might be wrong or required.

Defense: First, check on your account if you’re concerned, but don’t do it via the links. If you can log in and everything works normally, the message is a scam, and you can go on with your life. 

If you are experiencing problems, contact Apple support directly through their official line. They’ll be able to help you.

5. The MetaMask Apple ID scam

The MetaMask Apple ID scam is a rather specific and more targeted one, but it’s also one with severe consequences if you fall for it. It has a few steps:

  • Knowing your Apple ID email address, scammers will make many password reset attempts, making you worry about your account.
  • Someone will call you claiming to be Apple support and then ask for a 6-digit code generated when the password reset attempts were made.
  • They use this to gain access to your account, including your seed Metamask account, and then use that to steal the funds contained there.
    • The scammers will also steal your account information and personal data because they can.

It’s a more elaborate scam than the others, making it especially dangerous.

This could mean that your entire crypto wallet gets stolen from your account, leading to a massive loss. Due to the nature of cryptocurrency, it will be difficult or impossible to get that money back.

Defense: If an “Apple” representative contacts you suddenly after some failed password reset attempts, do not continue the call. Hang up, then contact customer support through official channels.

What to Do If You Fall Victim to this Scam?

Apple ID scams are particularly dangerous because they are closely linked to many accounts. They also carry much information (more on this in a moment).

Some of the end results of an Apple ID scam are:

  • Identity theft
  • Loss of your account
  • Loss of money
  • Lost time from recovering everything (if possible)

It can be a severe problem and ruin your week, month, or even year if you don’t respond properly.

If you are targeted in an Apple ID scam, take these steps to protect yourself:

1. Keep Calm and Find Out What Happened

Ok, it appears you’ve fallen victim to a scam. It is okay and happens to many people. Still, you have a problem to solve and need to focus on it. You can beat yourself up later (not recommended). 

Isolate the offending message and resolve to move forward.

2. Disconnect Your Device

Disconnecting your device(s) by putting them in airplane mode or turning them off can give you time.

It’s a simple step but an important one.

3. Understand the Scam

What Apple ID scam variant did you fall for, and what information do they have? Based on the playbook of the scam, what do you think the scammer’s next steps are, if any?

You can only know what steps you should take next by understanding the scam. 

Review the scams above for a match or partial match, and then work to set up a plan to secure your accounts and identity.

4. Secure Your Account(s)

Your account is in danger if it’s not compromised already, and you need to take fast steps to solve that situation. If you can, immediately change the Apple ID password and activate two-factor authentication for your account (it should ideally be on already). 

Additionally, other linked accounts might be compromised as well. Secure them as best you can.

5. Report the Event to the Right Channels

  • Contact Apple Support. You may need their help to get your account fully secure and under your control again. They would also be very interested to learn about the scam, though they’ve likely seen thousands of versions.
  • The FTC is interested in such scams and may have materials to help you.
  • If other accounts might be affected or compromised, change those accounts’ passwords and contact support for those accounts if further action is required.
  • You will want to contact your bank and credit providers about what happened and warn about potential identity theft. Freeze your credit as part of the process.

6. Ensure Your Identity is Safe

Outside of great financial losses, the greatest threat you will have to contend with is identity theft. You need to watch for it.

Get help with this step. Companies such as Aura will be able to do a better job at it and do it more efficiently. They can monitor accounts, provide fraud alerts, and prevent ID theft before it starts or goes too far.

You will need to have a watch set up for a while. Not all stolen data gets used immediately.

7. Breathe and Reflect

This is on the scammer, not you. Yet it is your job to make sure it doesn’t happen again. What could you have done differently, and what can you do in the future to better protect your accounts and information?

Preventative Measures to Take Today

If you aren’t currently dealing with a scam, you can still take measures today to better protect yourself. 

  • If you’re worried about identity theft, sign up for a service such as Aura to get identity theft insurance, get monitoring on your most important accounts and information, and give yourself more peace of mind.
  • Secure your Apple ID through two-factor authentication and a strong password if you have not done so already.
  • Learn the most common scam variations and occasionally check to see if there are new popular scams to watch out for.
  • Remember never to provide account security information to anyone, online or off, regardless of who they are. 


Protecting your Apple ID is essential, but Apple and security programs can only do so much. You need to know what to do when faced with these scams.

Given the numbers and various scam methods, it might seem daunting, but you got this. Invest in some solutions such as Aura, take some time to set up additional defenses, and, most importantly of all, invest in your own cybersecurity education. Take action today and save yourself from massive headaches and financial losses.

Read Other Types of Scams: