Apple Gives Tips on Avoiding Phishing Scams Amid Warnings of New SMS Threat

by

Apple this month refreshed the security support document that provides iPhone, iPad, and Mac users with tips on how to recognize and avoid social engineering schemes like phishing messages and fake support calls.

iPhone 12 Security Feature
The updated information follows recent reports of "smishing" attacks targeting Apple IDs. Malicious actors have been sending out SMS text messages that attempt to get users to provide their Apple ID usernames and passwords on a fake iCloud website.

Apple's guidelines provide key information that all users should be aware of to protect themselves, such as a recommendation to ignore messages with suspicious links. Apple says that it will not ask for ‌Apple ID‌ passwords or verification codes, and users should contact Apple directly rather than answering a suspicious phone call or message claiming to be from Apple.

Further, Apple will not ask users to log into any website, to tap Accept in the two-factor authentication dialog, or to enter a two-factor code into a website. Apple will also not request that users disable features like two-factor authentication, Find My, or Stolen Device Protection. Apple's security tips:

  • Never share personal data or security information like passwords or security codes, and never agree to enter them into a webpage that someone directs you to.
  • Protect your ‌Apple ID‌. Use two-factor authentication, always keep your contact information secure and up to date, and never share your ‌Apple ID‌ password or verification codes with anyone. Apple never asks for this information to provide support.
  • Never use Apple Gift Cards to make payments to other people.
  • Learn how to identify legitimate Apple emails about your App Store or iTunes Store purchases.
  • Learn how to keep your Apple devices and data secure.
  • Download software only from sources you can trust.
  • Don't follow links or open or save attachments in suspicious or unsolicited messages.
  • Don't answer suspicious phone calls or messages claiming to be from Apple. Instead, contact Apple directly through official support channels.

Scammers will go to great lengths to get personal information, so Apple recommends watching out for tricks like creating a sense of urgency through scare tactics like stolen personal information or unauthorized charges. Scammers are after login information and security codes, so that information should not be entered on a website accessed through a link in a text or an email.

Apple also warns against downloading unrecognized, unsafe software and configuration profiles and following instructions on pop-ups. Users who receive a pop-up should ignore the message and close the entire window or tab.

Apple has further instructions on how to spot social engineering schemes, the forms those schemes can take, and how to report suspicious emails, messages, and phone calls. There is a separate support document on what to expect from Apple Support and the kinds of information Apple will not request.

Popular Stories

iphone 16 pro models 1

17 Reasons to Wait for the iPhone 17

Thursday June 12, 2025 8:58 am PDT by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models simultaneously, which is why we often get rumored features months ahead of launch. The iPhone 17 series is no different, and we already have a good idea of what to expect from Apple's 2025 smartphone lineup. If you skipped the iPhone...
Read Full Article69 comments
iPadOS 26 App Windowing

Apple Explains Why iPads Don't Just Run macOS

Friday June 13, 2025 7:46 am PDT by
iPadOS 26 allows iPads to function much more like Macs, with a new app windowing system, a swipe-down menu bar at the top of the screen, and more. However, Apple has stopped short of allowing iPads to run macOS, and it has now explained why. In an interview this week with Swiss tech journalist Rafael Zeier, Apple's software engineering chief Craig Federighi said that iPadOS 26's new Mac-like ...
Read Full Article182 comments
iOS 26 Screens

Here Are All the iOS 26 Features That Require iPhone 15 Pro or Newer

Thursday June 12, 2025 4:53 am PDT by
With iOS 26, Apple has introduced some major changes to the iPhone experience, headlined by the new Liquid Glass redesign that's available across all compatible devices. However, several of the update's features are exclusive to iPhone 15 Pro and iPhone 16 models, since they rely on Apple Intelligence. The following features are powered by on-device large language models and machine...
Read Full Article58 comments
apple beta 26 lineup

Apple 'Sherlocked' These Apps at WWDC 2025

Wednesday June 11, 2025 7:14 am PDT by
Apple at WWDC previewed a bunch of new features coming in its updated operating systems, but certain changes will have been met with dismay by third-party developers who already offer apps with equivalent or similar features. In other words, their product has been "sherlocked" by Apple. When Apple creates an app or a feature that has functionality found in a third-party app, it is referred...
Read Full Article100 comments
iOS 26 on Three iPhones

Hate iOS 26's Liquid Glass Design? Here's How to Tone It Down

Wednesday June 11, 2025 4:22 pm PDT by
iOS 26 features a whole new design material that Apple calls Liquid Glass, with a focus on transparency that lets the content on your display shine through the controls. If you're not a fan of the look, or are having trouble with readability, there is a step that you can take to make things more opaque without entirely losing out on the new look. Apple has multiple Accessibility options that ...
Read Full Article209 comments
maxresdefault

Everything Apple Announced at WWDC 2025 in 10 Minutes

Monday June 9, 2025 5:21 pm PDT by
At today's WWDC 2025 keynote event, Apple unveiled a new design that will inform the next decade of iOS, iPadOS, and macOS development, so needless to say, it was a busy day. Apple also unveiled a ton of new features for the iPhone, an overhauled Spotlight interface for the Mac, and a ton of updates that make the iPad more like a Mac than ever before. Subscribe to the MacRumors YouTube channel ...
Read Full Article165 comments
CarPlay Liquid Glass Dark

Apple to Let iPhone Users Watch Videos on CarPlay Screen While Parked

Thursday June 12, 2025 6:16 am PDT by
Apple this week announced that iPhone users will soon be able to watch videos right on the CarPlay screen in supported vehicles. iPhone users will be able to wirelessly stream videos to the CarPlay screen using AirPlay, according to Apple. For safety reasons, video playback will only be available when the vehicle is parked, to prevent distracted driving. The connected iPhone will be able to...
Read Full Article68 comments
Logitech Logo Feature

Logitech Announces Two New Accessories for WWDC

Friday June 13, 2025 7:22 am PDT by
Alongside WWDC this week, Logitech announced notable new accessories for the iPad and Apple Vision Pro. The Logitech Muse is a spatially-tracked stylus developed for use with the Apple Vision Pro. Introduced during the WWDC 2025 keynote address, Muse is intended to support the next generation of spatial computing workflows enabled by visionOS 26. The device incorporates six degrees of...
Read Full Article20 comments

Top Rated Comments

Unity451 Avatar
Unity451
12 months ago
"Smishing" is about the most un-menacing word I can think of. Beware of the Smishers! (by Dr. Seuss)
Score: 6 Votes (Like | Disagree)
JapanApple Avatar
JapanApple
12 months ago
“Download software only from sources you can trust”
these are words to live by
Score: 4 Votes (Like | Disagree)
kerr Avatar
kerr
12 months ago
Would be good if Apple could do their part.

iCloud, Apple TV+, software/rental purchases: email from no_reply@email.apple.com with Apple logo and blue verified checkmark. Great!

Hardware purchase: dodgy looking email from au_cons_do_not_reply@asia.apple.com, no evidence to suggest it's legitimate even though it is. Gmail understandably sends such emails to spam folder.
Score: 3 Votes (Like | Disagree)
Realityck Avatar
Realityck
12 months ago
Took a week for this news to show up on most press/news services

original source July 2nd. (link was in the OP)
https://www.broadcom.com/support/security-center/protection-bulletin/apple-ids-targeted-in-us-smishing-campaign

Copy Link
Phishing actors continue to target Apple IDs due to their widespread use, which offers access to a vast pool of potential victims. These credentials are highly valued, providing control over devices, access to personal and financial information, and potential revenue through unauthorized purchases. Additionally, Apple's strong brand reputation makes users more susceptible to trusting deceptive communications that appear to be from Apple, further enhancing the attractiveness of these targets to cybercriminals.
These campaigns are mostly conducted via email although increasingly also through malicious SMS. A very recent case saw a threat actor distributing malicious SMS messages in the United States.
Observed malicious SMS:

* Apple important request iCloud: Visit signin[.]authen-connexion[.]info/icloud to continue using your services.

Typically, smishing actors restrict access to their malicious websites to users on mobile browsers and specific regions to evade detection by monitoring systems. However, in this instance, the malicious website is accessible from both desktop and mobile browsers. To add a layer of perceived legitimacy, they have implemented a CAPTCHA that users must complete. After this, users are directed to a webpage that mimics an outdated iCloud login template.
Score: 3 Votes (Like | Disagree)
now i see it Avatar
now i see it
12 months ago
The scams always follow the same game plan. They’re easy to spot.

Always starts out with some sort of threat to create fear and anxiety.
In the past there were some that claimed you had come into tins of money.
Then -always- there’s a link that they provide to “fix” the problem or just a phone number.

Is it a Scam?
Threat or ridiculous + link = yes.
Easy.
Score: 3 Votes (Like | Disagree)
DavidMalcolm Avatar
DavidMalcolm
12 months ago
Honestly, the lack of work done by large companies to cut down on scammers is a huge problem. The number of times I’ve talked to people who end up on a confusing scam website because they clicked on a Google ad for a major company that Google SHOULD have known wasn’t from that company and automatically blocked is staggering. Facebook is equally as guilty.

The fact that there haven’t been mandatory six month payout waits for in app purchases of gift card codes is nuts. The idea that Apple and Google are not required to refund people who buy these gift cards and give them to scammers is nuts to me.

Like how long has this been going on? There are easy steps that could have been put in place years ago that would have stopped these scammers from making tons of money to reinvest into their operations.

Even just a warning label in the back of all gift cards “these are gift cards, if someone over the phone asked you to purchase this and you did not buy this to use yourself or give to a friend and or family member, please return to a store for a refund with your receipt.”

The fact that phone companies aren’t legally required to provide any information about where a call is originating or how long that number has been assigned to that device is nuts. There’s so much that could be done automatically to prevent these scams, but it isn’t in the interest of stockholder value it’s in the interest of the good of society so nothing is done.
Score: 2 Votes (Like | Disagree)
Read All Comments