20 January 2020 / Money

Scam warning: Apple ID ‘locked account’ email

George Martin Conversation Editor

Comments 31

This scam email is designed to steal your Apple password by sending you to a fake website. Have you received it? Here’s what it looks like.

When we covered the recent BT Brexit scam email on Which? Conversation, I noted that these phishing scams do tend to arrive with various different twists.

This one, purporting to be from Apple, is no different. This time scammers have added a fake ‘this message is from a trusted sender’ header of their own, which could be enough to catch people out.

It also follows the classic scam method of rushing its target into action with talk of ‘unathorised transcations’, ‘security measures’ and a locked account.

Here’s exactly what it looks like:

The email address it’s arrived from is, obviously, nonsense, but the presence of the Apple logo, brand colours and easy-to-read layout do make it a threat if it turns up in your inbox.

Much like the recent Santander, EE and Netflix scams we’ve seen, the ‘verify’ button will take you to a fake website where you’ll be instructed to ‘confirm your Apple ID’ by entering your username and password.

Once you’ve done that, scammers will have access to your Apple account including any payment information you have attached to it.

Phishing scam advice

We made Apple aware of this phishing scam and, while it didn’t wish to comment specifically, it did provide us with its own guides on identifying legitimate emails from iTunes or the App Store, and how to spot fraudulent emails.

The guide states that you should never share your Apple ID password with anyone, and that Apple will never ask you for this information to provide support.

We’d also echo its advice to use two-factor authentication on your accounts.

If you think you’ve entered your details into a scam site, change your password immediately and inform your bank.

Victims of fraud can also follow our advice on how to get your money back after a scam.

Have you received this Apple ID scam? Did your email software automatically flag it as spam?

Comments

Ian says:

20 January 2020

The lack of prepositions and pronouns in the email should alert the unwary. However, Apple won’t send you something like that; generally they flag the alert only on your computer and when you attempt to access the iTunes store or the App store.

However, this, once again, underlines what by now should be etched in glowing letters in the mind of anyone, anywhere who uses email:

Never, ever follow a link in an email.

Elizabeth says:

2 October 2020

The e mail I saw for reporting phishing doesn’t work..reportphishing@apple.com so what’s the point of reporting?

wavechange says:

20 January 2020

I have not seen this scam, but why would anyone pay attention if their account was working as normal?

Links in emails have many genuine uses but I don’t think they have a place in any email about money or accounts. Perhaps Which? could start a campaign about this.

DerekP says:

20 January 2020

I agree with wavechange that there can be legitimate uses for links in emails.

For example, those who have very limited typing and/or surfing skills may find them to be a great way of directing them to an intended target website, without getting hijacked along the way, which can be a risk if they try to navigate their way there from scratch.

Also, whilst most scams won’t fool most folk most of the time, scammers only need to fool some folk some of the time.

Ian says:

20 January 2020

I agree there are limited uses, Derek; but most folk will have the site in question bookmarked. Perhaps that might make a good campaign, point: training folk to bookmark important sites from the outset.

For example, I always bookmark ‘My Account’ pages, as well as ‘contact us’ pages.

John Ward says:

20 January 2020

People sometimes question why literacy and competence in the use of the English language are given such emphasis in a world where we can communicate adequately with bad spelling, bad grammar, poor sentence construction, and misuse of words. One good reason is to be able to spot a scam. This one is riddled with errors and is clearly emanating from a foreign place, but I bet some have fallen for it because they didn’t recognise the signs. As a nation we don’t need to be pedantic about the use of English but we should certainly be aware. Unfortunately, many organisations are populated with people with poor communication [or mental reasoning] skills so many official missives are questionable. The attempt at being familiar or colloquial is often a good giveaway and, in my view, has no place in official communications between companies and their customers – it makes the scammers work easier.

malcolm r says:

20 January 2020

There will be many people in this country who do not have the literacy skills we like to assume – those badly educated but, perhaps, more importantly those from other countries. We continually advise people about scams, but who does that advice reach and who pays proper attention? It is all very well to say if their is nothing wrong with your account, why respond? Well, scams seem to generate responses about Amazon Prime, internet is being terminated, for example so this is no answer. And while I bookmark important items I wonder how many others are properly organised? So people do respond.

I would legislate that no email involving finances should carry a link; simply a request to visit your account or the sender’s website.

John Ward says:

21 January 2020

An interesting example of corporate illiteracy is an e-mail received this morning from BT about an engineer’s visit booked for this morning. It says “James’s getting ready for you and will be with you today”.

For “engineer” read “technician” [at best].

Philip Keeling says:

24 January 2020

I received a similar text message from ‘AppID’ that contained a link to a web page. I ignored it.

Richard says:

24 January 2020

I am getting regular phone calls by a recording of an American Lady saying that my Apple account needs up-dating and to press a number to get connected. I always put the phone down but I suspect I am being invited to phone a number that will lead me to divulging info.

George Martin says:

24 January 2020

Keep putting the phone down, Richard. It sounds like that call works in exactly the same way as this Amazon Prime scam: https://conversation.which.co.uk/money/amazon-prime-renewal-scam-phone-call/

John Parker says:

24 January 2020

My wife gets a message every morning asking her to confirm her apple ID which we can’t remember.
should we ignore it.

George Martin says:

24 January 2020

Hi John. I’d be interested to see a screenshot of exactly what your wife is receiving and the email address it’s come from. Please do feel free to send a copy to conversation.comments@which.co.uk and I can look into it for you.

Stephen Jones says:

27 January 2020

Hello,
I have had two such e mails about my apple account in the last week. I have ignored them of course.
However, when using Pay pal recently my wife received a message saying that there were possible security issues with our Paypal account and requested her to log on via a link in the e mail.
She was taken in by this and started providing our personal details before I stopped her.
As a result, we cancelled the credit card that was attached to the Paypal account which caused a lot of inconvenience to us as we use the card to pay for most of our purchases/bills.
As a result we have been receiving e mails asking us to update various account payment details.
So, in the case of the Apple e mails I was almost duped as I was expecting such a message.

S. F. Clark says:

27 January 2020

I’ve had many of these e-mails purporting to be from Apple. I used to forward them to Apple but don’t bother anymore as they seem so obvious now. If you haven’t told anybody about you account then nobody knows that you have one. As Apple helpfully says, they will always address you by your Christian name if it’s genuine.

It may be of little relevance but I am 86 and understand some people can be easily confused. ”Buyer beware” was always good sense.

Stan Clark
S. F. Clark

Jan says:

27 January 2020

Look out for spelling mistakes and poor grammar. It’s a giveaway

Maz says:

27 January 2020

I got locked out of my ipad 6 months ago – received message via email similar to the above also requesting bank details – ignored it – ipad lying dormant on table, but i have some sentimental pics i cant access!!

Brenda says:

4 March 2020

Dear Maz
Have you visited an Apple Store for assistance with your issue? You generally will need to book with one of their ‘welcomers’ on your visit and wait for an hour to see someone, but staff there should be able to assist you with your i-Pad issue. I have also received excellent Apple support by phoning their support line.

All the best with getting your issue resolved.

DerekP says:

4 March 2020

Hi Maz, sorry to hear this.

Apple have some forgotten password bypass steps here:-https://support.apple.com/en-gb/HT204306 but those steps don’t seem to allow you to keep the data on your device, if that data was not already backed up to iCloud.

My old Apple Macbook was different – and did allow me to reset my lost user password without any loss of data. In the past, I’ve also done similar tricks on Windows and Linux PC’s, but I have also failed on Android devices.

wavechange says:

4 March 2020

The information needed will be on the Apple website but phoning Apple or calling into an Apple Store will be the easiest option.

It’s important not to let the battery of a tablet (or phone or laptop) become completely discharged when not in use, otherwise it could be damaged.

Stephen Thumpston says:

10 April 2020

Yup. Seen this one many times.

efi says:

7 May 2020

Hello.
I received this mail one hour ago. Due to some problems I had with my ID when i was logging in from my macbook I did not think it was a scam, so I followed this link and I typed my email and password. Then they asked me about further infos like my phone etc and I started thinking something is not going right. I changed immediately my apple id password.First of all, I am worried because I selected ‘remember me’ on this fake site, so they might have my past password and of course my username of my apple ID. And secondly, I am much worried if they have already got my bank account codes. Could you help me please?

George Martin says:

7 May 2020

Hi efi. If you use the same password for other accounts I’d recommend changing it ASAP. From what you’ve described it’s unlikely bank details have been compromised, but if you have any doubts you should let your bank knows what’s happened. Hope this helps.

efi says:

7 May 2020

Thank you very much!!

Brian says:

9 May 2020

When I get calls with the obvious Indian accent I just ask what the weather is like in India and thats enough for the call to be ended abruptly. Mind you I did get a call from a gentleman with a strong accent a couple of days ago who wanted my NHS number (to do with the virus) but when I told him it’s a scam he said he quite understood and gave me a web address which when I checked via the gov.uk website the address he gave was correct. So was it a scam or not I don’t really know. Just call me Mr suspicious. However I have noticed a worrying trend. Last year I had a long standing problem with BT and had to keep calling over many weeks till the fault was found and rectified. But each time I was routed to their Indian call centre within 24 hours I had a scam call. Once could be coincidence but this happened three times but never when using the UK call centre. Mr suspicious thinks it could be a security leak. I did report to BT but they were not really interested I believe they are bringing most support back to the uk.

John Ward says:

10 May 2020

A few years ago, when I still enjoyed teasing telephone scammers, the most frequent call was the ‘BT technical support’ scam in which the voice stated that my internet connection would be shut down unless I did this or that immediately. I asked where they were calling from and they usually gave the address of BT’s HQ in Newgate Street in the City of London. Knowing that that was just a corporate head office with no technical functions in it I would ask the caller to give me the name of the nearest Underground station or name two famous landmark buildings within a five minute walk. That usually closed the engagement.

Christina says:

13 October 2020

my husband received one recently that came from digital-no-reply@tbin.apple.com problem is we never set up an account for my husband. had him turn it as phishing.

Clare Elizabeth McKee says:

10 November 2020

I, too found this email purporting to be from Apple in my inbox 2 days ago. My computer didn’t spot it was SPAM. it had red exclamation marks on it. I don’t know who put them there. I deleted it.

chris williams says:

21 December 2020

Beware of an email saying your I-cloud account has been locked. The usual VERIFY box is the give away plus the cc to an oblique email address, but it will take in the unsuspecting individual if not careful

wavechange says:

21 December 2020

Thanks for the warning Chris. I suppose that the fact that supposedly locked accounts carry on working is a giveaway the email is fraudulent. I’ve lost count of the calls saying my internet service will be terminated unless I respond, yet it keeps on working.

Jon Stricklin-Coutinho says:

21 December 2020

Would you be able to share the suspicious email with us on conversation.comments@which.co.uk Chris? We’d be keen to make our scams team aware of it if possible!

Help

Scam warning: Apple ID ‘locked account’ email

Phishing scam advice

Search

Latest discussions

Vote in our poll

Phishing scam advice

Search

Latest discussions

Vote in our poll

Join the debate

Related discussions