Scammers keep coming up with new and, honestly, pretty clever ways to trick people. They socially engineer their phishing emails and messages so well that even the most tech-savvy users have to think twice. One example is the “Apple ID Suspended” phishing scam. You might have seen it before since it’s been going around for the past few years. Here’s how it works – you get an email from what looks like Apple, saying your Apple ID has been suspended. The sender’s name shows “Apple,” but the email is actually from a scammer trying to get you to click on a malicious link.
What you need to know
The Apple ID phishing emails have come a long way in recent years. They used to be plain text, had no Apple branding, and didn’t even greet or address the user. Now, though, they look almost identical to genuine Apple emails. These fraudulent emails claim your Apple ID has been suspended to trick you into giving up login credentials or other sensitive information. They come complete with an Apple logo, show “Apple ID” as the sender name, and have a big blue button that says “Go to Apple ID.”
The email pretends to be from Apple Support, claiming your access has been suspended due to “unusual activity” or missing or invalid information. It says you can’t access your account or Apple services until you verify your identity. There’s usually a link that leads to a fake Apple site, asking you to enter your username, password, and additional personal details to reactivate your account. To add urgency, it even warns that if you don’t verify your Apple ID within 24 hours, it will be permanently blocked.
Watch out for red flags
If you’re not paying attention, it’s easy to get tricked into clicking the link in a scam like this. But if you’re keeping an eye out, there are plenty of red flags. I’ve added a sample phishing email below, and you’ll spot the issues immediately. For one, it’s not actually from Apple; the email domain is @uaepass.ae, which has nothing to do with Apple. Any legit Apple email will end with “@email.apple.com,” so anything else is an instant red flag.
Then there’s the awful grammar and punctuation. A company worth 3.37 trillion dollars can definitely afford a decent content writer. You know someone at Apple is not going to mix up past and present tense like it’s their first time writing an email.
Take this gem: “Therefore we need to re-verify your account data. if you did not verify your account within 48 hour, your account will be permanently locked, go to Apple ID and verify as soon as possible.” It reads like someone smashed a bunch of words together and called it a day. I’m not trying to give a grammar lesson here, but you get the point.
6 ways to protect yourself from Apple ID phishing scams
1) Check the email address: Always verify the sender’s email address. Any legitimate email from Apple will come from a domain ending in “@email.apple.com.” If it’s anything else, like @uaepass.ae, it’s a scam.
2) Look for spelling and grammar mistakes: Phishing emails often have poor grammar and punctuation. If the message sounds odd or looks like it was written by someone who doesn’t know how to write well, be suspicious.
3) Don’t click on suspicious links: If the email asks you to click a link, don’t do it right away. Hover over the link to see the actual URL. If it doesn’t look like an official Apple website (or any site you trust), don’t click it.
The best way to safeguard yourself from malicious links that install malware and potentially access your private information is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
My top pick is TotalAV.
4) Enable two-factor authentication (2FA): This adds an extra layer of protection to your Apple ID. Even if a scammer gets your password, they won’t be able to log in without the second authentication step.
5) Verify directly with Apple: If you’re ever unsure about an email or message, go directly to Apple’s official website or contact their support team. Don’t use any contact info provided in a suspicious email.
6) Invest in data removal services: Scammers often use personal information that’s readily available online to craft more convincing phishing attempts. By investing in data removal services, you can reduce the amount of personal data that’s exposed on the web, making it harder for scammers to target you effectively.
While no service promises to remove all your data from the internet, a removal service is useful if you want to monitor and automate the removal of your information from hundreds of sites over a longer period of time.
I always recommend Incogni, which has a very clean interface and will scan 195 websites for your information and remove it and keep it removed.
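Tips 1 and 3 above (check the real sender address, and check where the link actually goes) can be automated. The Python sketch below is an added example, not code from CyberGuy or Apple. The message is a constructed sample modelled on the scam described here: the sender domain and the "email.apple.com" rule come from this article, while the mailbox name, the phish.example host and the apple.com link rule are assumptions.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

SENDER_DOMAIN = "email.apple.com"  # rule stated in the article
LINK_DOMAIN = "apple.com"          # assumption: genuine links stay on apple.com

# Constructed sample; the mailbox name and phish.example host are placeholders.
SAMPLE = """\
From: "Apple ID" <support@uaepass.ae>
Subject: Your Apple ID has been suspended
Content-Type: text/html; charset="utf-8"

<p>Therefore we need to re-verify your account data.</p>
<a href="https://appleid.apple.com.phish.example/verify">Go to Apple ID</a>
"""

class LinkHosts(HTMLParser):
    """Collect the host of every <a href>, i.e. what hovering would reveal."""
    def __init__(self):
        super().__init__()
        self.hosts = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            host = urlsplit(dict(attrs).get("href") or "").hostname
            if host:
                self.hosts.append(host.lower())

def on_domain(host, domain):
    # Exact match or true subdomain; "apple.com.phish.example" must not pass.
    return host == domain or host.endswith("." + domain)

def red_flags(raw):
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    flags, links = [], LinkHosts()
    if not on_domain(domain, SENDER_DOMAIN):
        flags.append(f"sender domain {domain!r} is not {SENDER_DOMAIN}")
        if "apple" in display.lower():
            flags.append(f"display name {display!r} imitates Apple")
    for part in msg.walk():  # also covers multipart messages
        if part.get_content_type() == "text/html":
            links.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
    flags += [f"link host {h!r} is not on {LINK_DOMAIN}"
              for h in links.hosts if not on_domain(h, LINK_DOMAIN)]
    return flags
```

Calling `red_flags(SAMPLE)` reports the mismatched sender domain, the borrowed display name, and the button that points away from apple.com.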
Kurt’s key takeaway
Scammers are getting pretty clever, but you don’t have to fall for their tricks. By staying alert and keeping an eye out for those red flags, you can easily spot these phishing attempts before they catch you off guard. Always double-check the sender’s email address, watch for bad grammar, and don’t click on any suspicious links. If something feels off, don’t hesitate to go directly to Apple’s official website or contact their support team.
Do you think companies like Apple are doing enough to protect users from scams? Let us know in the comments below.
Copyright 2024 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.
1 comment
No. Apple is NOT doing enough. Someone stole my Apple Card information. I know who, and where, and when. It was a CVS Caremark Mail Order rep who took my credit card information over the phone. Three charges appeared, and Apple denied the charges, somehow knowing it was NOT me. When I called for the location of the charges, Apple said they didn’t know. WHAT? YOU ARE APPLE!! I asked if they had the IP address. Yes, they do. Can you believe I had to explain to Apple that they can use the IP address to geo-locate the computer where the fraudulent charges were made???? I couldn’t believe it, either. Here’s another thing: because the charges were denied, Apple DOES NOT CARE about who stole my CC info. Nope. They do not care at all. I have the whole text exchange saved. Apple SUCKS at protecting its customers.