All iPhone users are being warned about a wave of new phishing emails attempting to steal their account credentials.
Cybercriminals send fake emails claiming to be from Apple, informing users that their accounts have been suspended and asking them to take further action.
The scam email tells users to click on a link to verify their account, redirecting them to another page that steals their login and two-factor authentication information.
Website requires unsuspecting victims to log in your usernames and passwords, giving hackers instant access to your digital wallets.
To make the communication seem more urgent, the hackers also warn that the user only has 24 hours to verify their Apple ID or they will be permanently blocked.
Hackers are taking advantage of people gravitating towards Black Friday online and
Cyber Monday shopping deals to convince users that their Apple ID was suspended on their iPhone.
These emails can be difficult to navigate because they look like a standard Apple support email.
However, there are red flags to look out for, such as poor punctuation and grammar and an email domain that doesn’t end in @apple.com.
Hackers are taking advantage of the holiday season to target Apple users with phishing emails claiming their account has been locked.
“Apple will never ask you to sign in to any website, tap OK in the two-factor authentication dialog, or provide your password, device passcode, or two-factor authentication code, or ask you to do so. enter any website,” Apple shared on its website.
“Phishing scams like the Apple Suspended ID scheme are becoming increasingly prolific and require immediate urgency,” said Jake Moore, former digital crime law enforcement officer and now global cybersecurity advisor at ESET.
“Many people continue to be manipulated by the clever tactics used by criminal hackers.”
To appear credible, hackers often mention your personal information, such as your name or phone number, to gain the user’s trust.
They will try to instill a strong sense of urgency to discourage you from contacting Apple directly.
If users cannot detect the red flags in the message, “It’s important to check the sender’s email address for any discrepancies,” Moore continued.
“And avoid clicking on suspicious links, as this is where scams often start,” he said, adding that “if you’re ever in doubt about an Apple ID issue, go directly to Apple’s official website to check it.” “.
Apple has provided steps to recover your ID if it is compromised.
“If you believe your Apple Account has been compromised, or you may have entered your password or other personal information on a fraudulent website, change your Apple Account password immediately and make sure two-factor authentication is enabled,” he shared the technology giant. on their support page.
Phishing emails require users to enter their login credentials, including two-factor authentication, to fix the so-called problem. Instead, they are stealing that information to authorize spending.
There is another trick floating around that also uses fake messages to access users’ iCloud.
The scam, sent via email and text messages, tells the user that there is a problem with their iCloud account and that it needs to be fixed immediately.
iCloud is a cloud-based program that allows users to store data, including pictures and messages, on multiple Apple devices. While an Apple ID is a private account that grants access to Apple services.
The messages may also indicate that iCloud is almost full and that users can click the link to get a free update.
As with the Apple ID hack, users are asked to provide login credentials before receiving the update or seeing what the supposed urgent issue is.
And hackers use the information to take control of the victim’s account, allowing them to authorize purchases for themselves.
Users should take steps to protect their accounts and avoid scams: never share personal data or security information, always use two-factor authentication, and do not click on links or open attachments in suspicious emails.
The company says it will never ask users to log in to a website or provide their password or two-factor authentication code to enter any site.
Apple added that if you’re not sure if an email is real, you should first look at the email’s domain to confirm if it’s legitimate.
DailyMail.com has contacted Apple for comment.