Since 2016, there has been an ongoing campaign to fraudulently obtain access to your iCloud account.
Phishing refers to an email that attempts to fraudulently acquire personal information from you, such as your Apple ID, password and/or credit card information. On the surface, the email may appear to be from a legitimate company or individual, but it’s not.
This particular scam uses fraudulent emails or texts presenting realistic looking Apple websites that attempt to get you to enter your Apple ID and password being “signing in” to manage or confirm your account. It might say that you’ve been locked out or your iCloud account is expiring.
These scams aren’t new however – they are just getting more adept at appearing legitimate.
- Spelling mistakes
- If it is CC’ed to many recipients
- If the sender email seems illegitimate, and doesn’t match who the sender purports to be
- There is no “combination lock” insignia that the Apple.com website will always have that indicates authenticity. This is called SSL and it lets you know your session is fully secure and encrypted when you are logged in
Attempts that both contact you through email and text messaging may help the hackers seem more legit, but don’t be fooled! Be especially careful if you’ve actually had a lost or stolen phone recently. You may receive a surprise text message or email telling your phone has been located. Don’t fall for it.
Apple password tips
Always use a strong password.
Never use your Apple ID password with other online accounts.
Change your password regularly and avoid reusing old passwords.
Choose security questions and answers that can’t be easily guessed. Your answers can even be nonsense as long as you can remember them. For example, Question: What is your favorite color? Answer: Mozart.
Make sure your iPhone and iPad has its passcode enabled, preferably a six-digit passcode and that you use two-step authentication. There’s even a setting that you can enable that wipes your phone’s data after ten incorrect passcode attempts.
Be certain your security questions are hard and only can answer them. Don’t give out your Apple ID passwords- even to family members, Apple advises.
If you believe that your Apple ID has been compromised, please visit Apple ID to change your password immediately. Remember, you can always visit an Apple store in person or call if you are unsure.