With Black Friday almost upon us, it’s no wonder the scammers are out in force. While it may be a well-used phishing tactic, the cybercriminals behind the latest attack targeting all Apple device users have honed their craft into a very reliable and actionable warning: your Apple ID has been suspended.
The “Your Apple ID Has Been Suspended” Fraud Explained
With more than 2 billion active users of Apple devices, whether it’s an iPhone, iPod, MacBook, or anything else that requires the use of an Apple ID, it’s no surprise that this tech demographic is a prime target for cybercriminals, especially given the bigger picture: they are a data-rich pool within the Apple ecosystem. We’ve already seen scams sent to iPhone users claiming their iCloud storage capacity is almost full and, of course, offering an upgrade to anyone foolish enough to click the take-action button. Now a similar, but more urgent, threat is being used as people look to shop during the Black Friday sales.
Increasingly composed using artificial intelligence tools built on criminal large language models, these fake emails are often extremely close to the real thing in look and tone, if not intent. Like other AI support scams, these highly convincing scams are designed with one thing in mind: getting the recipient to click an action button that takes them to a site that can steal their account credentials. Be warned that the hook will be just as convincing as the bait in most cases, sometimes complete with 2FA-bypass methodologies built into the attack.
To capitalize on the fear as much as possible, the email will likely claim that Apple has noticed suspicious activity on your account, or that the account has been suspended completely, and that further action is therefore required from you to protect it.
“Phishing scams like the Apple ID Suspended system are becoming more and more prolific and with an immediate need,” said Jake Moore, former digital crime law enforcement officer and now global cybersecurity consultant at ESET, “many people are still manipulated by the clever tactics used by criminal hackers.”
Apple offers fraud protection tips for all users
“If you are suspicious of an unexpected message, call or request for personal information such as your email address, phone number, password, security code, or money,” Apple said, “it’s safer to assume it’s a scam.”
Apple gives the following tips to users to spot a phishing attack:
- Scammers often mention personal information about you in an attempt to build trust and appear legitimate.
- Scammers often express a desire to help you solve an immediate problem.
- Scammers usually create a strong sense of urgency to avoid giving you time to think and prevent you from contacting Apple directly.
- Scammers will ask for your account details or security codes.
“Apple will never ask you to sign in to any website or tap Accept on the two-factor authentication dialog, or to provide or enter your password, device passcode, or two-factor authentication code on any website,” Apple said.
“It’s important to verify the sender’s email address for any discrepancies and avoid clicking on suspicious links, as this is where scams often start,” Moore concluded. “If you’re ever in doubt about an Apple ID issue, go directly to the official Apple website to double-check.”