Don’t get caught in the 'Apple ID suspended' phishing scam

Blog

Kurt Knutsson, CyberGuy Report

Scammers keep coming up with new and, honestly, pretty clever ways to trick people. They socially engineer their phishing emails and messages so well that even the most tech-savvy users have to think twice. One example is the "Apple ID Suspended" phishing scam. 

You might have seen it before since it’s been going around for the past few years. 

Here’s how it works: You get an email from what looks like Apple, saying your Apple ID has been suspended. 

The sender's name shows "Apple," but the email is actually from a scammer trying to get you to click on a malicious link.

I’M GIVING AWAY A $500 GIFT CARD FOR THE HOLIDAYS

What you need to know

The Apple ID phishing emails have come a long way in recent years. They used to be plain text, had no Apple branding and didn’t even greet or address the user. Now, though, they look almost identical to genuine Apple emails. These fraudulent emails claim your Apple ID has been suspended to trick you into giving up login credentials or other sensitive information. They come complete with an Apple logo, show "Apple ID" as the sender name and have a big blue button that says "Go to Apple ID."

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

The email pretends to be from Apple Support, claiming your access has been suspended due to "unusual activity" or missing or invalid information. It says you can't access your account or Apple services until you verify your identity. There’s usually a link that leads to a fake Apple site, asking you to enter your username, password and additional personal details to reactivate your account. To add urgency, it even warns that if you don’t verify your Apple ID within 24 hours, it will be permanently blocked.

NEW CYBERATTACK TARGETS IPHONE AND APPLE IDS: HERE’S HOW TO STAY SAFE

Watch out for red flags

If you’re not paying attention, it’s easy to get tricked into clicking the link in a scam like this. But if you’re keeping an eye out, there are plenty of red flags. I’ve added a sample phishing email below, and you’ll spot the issues immediately. For one, it’s not actually from Apple; the email domain is @uaepass.ae, which has nothing to do with Apple. Any legit Apple email will end with "@email.apple.com," so anything else is an instant red flag.

Then there’s the awful grammar and punctuation. A company worth $3.37 trillion can definitely afford a decent content writer. You know someone at Apple is not going to mix up past and present tense like it’s their first time writing an email.

Take this gem: "Therefore we need to re-verify your account data. if you did not verify your account within 48 hour, your account will be permanently locked, go to Apple ID and verify as soon as possible." It reads like someone smashed a bunch of words together and called it a day. I'm not trying to give a grammar lesson here, but you get the point.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

HOW TO SECURELY LOCK YOUR IPHONE AND IPAD FROM PRYING EYES

6 ways to protect yourself from Apple ID phishing scams

1. Check the email address: Always verify the sender’s email address. Any legitimate email from Apple will come from a domain ending in "@email.apple.com." If it’s anything else, like @uaepass.ae, it’s a scam.

2. Look for spelling and grammar mistakes: Phishing emails often have poor grammar and punctuation. If the message sounds odd or looks like it was written by someone who doesn’t know how to write well, be suspicious.

3. Don’t click on suspicious links: If the email asks you to click a link, don’t do it right away. Hover over the link to see the actual URL. If it doesn’t look like an official Apple website (or any site you trust), don’t click it.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.

4. Enable two-factor authentication (2FA): This adds an extra layer of protection to your Apple ID. Even if a scammer gets your password, they won’t be able to log in without the second authentication step.

5. Verify directly with Apple: If you’re ever unsure about an email or message, go directly to Apple’s official website or contact their support team. Don’t use any contact info provided in a suspicious email.

6. Invest in data removal services: Scammers often use personal information that’s readily available online to craft more convincing phishing attempts. By investing in data removal services, you can reduce the amount of personal data that’s exposed on the web, making it harder for scammers to target you effectively.

While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here. 

​​TOP PHONE CHARGING CABLES THAT WILL SUPERCHARGE YOUR APPLE DEVICES

Kurt’s key takeaways

Scammers are getting pretty clever, but you don’t have to fall for their tricks. By staying alert and keeping an eye out for those red flags, you can easily spot these phishing attempts before they catch you off guard. Always double-check the sender’s email address, watch for bad grammar and don’t click on any suspicious links. If something feels off, don’t hesitate to go directly to Apple’s official website or contact their support team.

Do you think companies like Apple are doing enough to protect users from scams? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you'd like us to cover

Follow Kurt on his social channels

  • Facebook
  • YouTube
  • Instagram

Answers to the most asked CyberGuy questions:

  • What is the best way to protect your Mac, Windows, iPhone and Android devices from getting hacked?
  • What is the best way to stay private, secure and anonymous while browsing the web?
  • How can I get rid of robocalls with apps and data removal services?
  • How do I remove my private data from the internet?

New from Kurt:

  • Try CyberGuy's new games (crosswords, word searches, trivia and more!)
  • Enter Cyberguy’s $500 Holiday Gift Card Sweepstakes

Copyright 2024 CyberGuy.com.  All rights reserved.

Related blog & articles