Since macOS and iOS are still more secure and impenetrable compared to other systems, cybercriminals resort to phishing tactics to hack into Apple accounts.
They use social engineering to trick users into giving their Apple ID and password. So yes, that "Apple ID locked" email is fake. Here’s what you need to know about Apple scams and how you can spot one.
Apple ID Scams
Scammers who are out to steal your Apple information will use social engineering through phone calls, SMS, or even calendar invitations. But the most common attack is email. One type of scam involves sending a target an email from a group pretending to be from Apple.
They’ll say something about recent activity on your Apple account like a purchase and to make it more believable they’ll attach a fake invoice. You’ll then be compelled to click the link in the email and sign into your Apple account to cancel the purchase.
The page it leads you to is a spoofed Apple page and when you type in your ID and password, hackers will harvest it. This tactic is so effective because people usually panic when they’re told about an unauthorized purchase using their credit card.
Others will call you using a spoofed number that appears to be from Apple. This type of attack is called vishing. Scammers will pretend to be from Apple support and will inform you about some suspicious activity in your account. They’ll trick you into giving them your ID and password so they can supposedly fix the problem.
The most popular of all is the Apple ID email scam. You’ll receive an email supposedly from Apple, informing you that your account has been locked due to suspicious activity.
You’ll be given a deadline to unlock your account or else you’ll be frozen out of this account permanently.
They could also say you’ve been locked out because your account’s about to expire so you need to click on a button to “complete a form” or update your account information.
How To Tell the Apple ID Email Is a Scam
If you are not aware of the different attacks and tactics hackers use to trick you, it's easy to fall for their scams. So it’s important to know the red flags you need to watch out for.
Grammatical Errors And Misspelled Words
The most obvious sign that it’s a scam is if an email has glaring grammatical errors.
Most of these phishing emails are peppered with poor grammar and punctuation, and misspelled words. You’ll also notice sentences that don’t start with a capital letter and random capitalized words within the sentence because the email was written in haste.
Official communications from Apple are written by professionals and so messages are edited and proofread before being sent out.
Some of these emails may also have long run-on sentences.
It may seem like the person who wrote the email tried to cram two to three sentences together without punctuation marks.
Obviously, scammers can be professionals too, so not all fraudulent emails will be littered with errors. In this case, you have other red flags to check.
Suspicious Email Address
Check the sender's email address. Of course, official correspondence from Apple will never be from one using a public domain email address or free email services like @gmail or @yahoo. So, AppleID@gmail.com is not legit, and neither is AppleSupport@yahoo.com.
Some will have extremely long email addresses so you won’t instantly see the entire thing on your browser. You'll need to copy-paste their email onto a document to see it in full. Others will add a letter before or after the word Apple which may be easy to miss. When you look at the email address check if the address is a letter or two off or worse if it’s too long.
Generic Greetings
It’s also a scam if it starts off with "Dear customer" since Apple will always address you by your name, username, or the credentials you have on file. But seeing your name in there doesn’t automatically mean that it’s legit.
Some very sophisticated scams, those that may have your information from data leaks or breaches, will know the name associated with the email address. So don’t be surprised to see a scam email addressing you by your first name too.
Threats And Deadlines
Notice how suspicious emails will pressure you to respond quickly. They’ll often give you a deadline and threaten you by saying you will be locked out permanently if you don’t respond within 24 hours.
This is done to cause panic because then you won’t have time to think rationally. When they are threatening people with a deadline, victims will often forget to check the sender's email or the URL of the site.
They may also put words like URGENT in the subject line, in all caps, or write warnings in red to try to scare you. Some will use bold type and bigger fonts right at the beginning of the message to cause you to panic.
Spoofed Website
The hyperlink in the email might indicate that you are going to an official Apple site since it says Apple.com or "Verify Your Account Here".
Some will use a clickable button instead of a hyperlink to make it look more legitimate but once you hover over it, you’ll see that the URL leads to a different or spoofed page.
Asking For PII
If it’s asking for your Personally Identifiable Information (PII) like your social security number or credit card information, it’s a scam. Emails about your App Store, iTunes Store, iBooks Store, or Apple Music activities will never ask for PII to be sent via email.
Beware of phishing emails that ask for your Credit Card and CVV code, your mother’s maiden name, full credit card number, or social security number.
Formatting Issues
Of course, a blurry Apple logo is a dead giveaway, so is weird email formatting. Some of these scam Apple ID emails will have sentences in a large font at the beginning and then smaller letters which may be in a different font in the body of the email.
Some of these will have weird spaces between sentences and paragraphs. Some text will be center-aligned which makes the email look off and unprofessional.
What To Do if You Get a Phishing Email
Never click on links in emails.
If you want to check your account and payment information, you can do this directly in the Settings on your iPhone, iPad, or iPod. For your Mac, you can go to iTunes or the App Store. You can update your password and purchase information through these routes too.
To check your purchases, so you’ll know if your account has been used to make unauthorized transactions, you can open Settings. Then click your name and then Media & Purchases. Sign in to your account and then click Purchase History. You can select the date ranges to see all purchases made within the last 90 days or before that.
To check your purchase history on your computer, open iTunes then go to the menu bar at the top of the screen. Choose Account, then tap View My Account. Then under Purchase History, you’ll see your most recent purchase. If you want to check all other purchases, click See All on the right-hand side of Purchase History.
If you receive a phishing email from scammers pretending to be from Apple, report it by forwarding it to reportphishing@apple.com.
"Your Apple ID Has Been Locked" Email Is a Scam
Just because Apple devices are relatively secure certainly doesn’t mean hackers will stop trying to attack you.
Scammers will use phishing emails to trick you into giving your Apple ID and password. With these, they can get into your account and make unauthorized purchases using your credit card or sell your information on the dark web.