Apple Gives Tips on Avoiding Phishing Scams Amid Warnings of New SMS Threat

by

Apple this month refreshed the security support document that provides iPhone, iPad, and Mac users with tips on how to recognize and avoid social engineering schemes like phishing messages and fake support calls.

iPhone 12 Security Feature
The updated information follows recent reports of "smishing" attacks targeting Apple IDs. Malicious actors have been sending out SMS text messages that attempt to get users to provide their Apple ID usernames and passwords on a fake iCloud website.

Apple's guidelines provide key information that all users should be aware of to protect themselves, such as a recommendation to ignore messages with suspicious links. Apple says that it will not ask for ‌Apple ID‌ passwords or verification codes, and users should contact Apple directly rather than answering a suspicious phone call or message claiming to be from Apple.

Further, Apple will not ask users to log into any website, to tap Accept in the two-factor authentication dialog, or to enter a two-factor code into a website. Apple will also not request that users disable features like two-factor authentication, Find My, or Stolen Device Protection. Apple's security tips:

  • Never share personal data or security information like passwords or security codes, and never agree to enter them into a webpage that someone directs you to.
  • Protect your ‌Apple ID‌. Use two-factor authentication, always keep your contact information secure and up to date, and never share your ‌Apple ID‌ password or verification codes with anyone. Apple never asks for this information to provide support.
  • Never use Apple Gift Cards to make payments to other people.
  • Learn how to identify legitimate Apple emails about your App Store or iTunes Store purchases.
  • Learn how to keep your Apple devices and data secure.
  • Download software only from sources you can trust.
  • Don't follow links or open or save attachments in suspicious or unsolicited messages.
  • Don't answer suspicious phone calls or messages claiming to be from Apple. Instead, contact Apple directly through official support channels.

Scammers will go to great lengths to get personal information, so Apple recommends watching out for tricks like creating a sense of urgency through scare tactics like stolen personal information or unauthorized charges. Scammers are after login information and security codes, so that information should not be entered on a website accessed through a link in a text or an email.

Apple also warns against downloading unrecognized, unsafe software and configuration profiles and following instructions on pop-ups. Users who receive a pop-up should ignore the message and close the entire window or tab.

Apple has further instructions on how to spot social engineering schemes, the forms those schemes can take, and how to report suspicious emails, messages, and phone calls. There is a separate support document on what to expect from Apple Support and the kinds of information Apple will not request.

Popular Stories

apple store down feature

Here's Why the Apple Store is Going Down

Thursday November 27, 2025 1:01 pm PST by
Apple's online store is going down for a few hours on a rolling country-by-country basis right now, but do not get your hopes up for new products. Apple takes its online store down for a few hours ahead of Black Friday every year to tease/prepare for its annual gift card offer with the purchase of select products. The store already went down and came back online in Australia and New Zealand, ...
Read Full Article18 comments
iPhone Pocket Short

iPhone Pocket is Now Completely Sold Out Worldwide

Tuesday November 25, 2025 7:16 am PST by
Apple recently teamed up with Japanese fashion brand ISSEY MIYAKE to create the iPhone Pocket, a limited-edition knitted accessory designed to carry an iPhone. However, it is now completely sold out in all countries where it was released. iPhone Pocket became available to order on Apple's online store starting Friday, November 14, in the United States, France, China, Italy, Japan, Singapore, ...
Read Full Article138 comments
New Intel Logo

Apple and Intel Rumored to Partner on Mac Chips Again in a New Way

Friday November 28, 2025 7:33 am PST by
While all Macs are now powered by Apple's custom-designed chips, a new rumor claims that Apple may rekindle its partnership with Intel, albeit in a new and limited way. Apple supply chain analyst Ming-Chi Kuo today said Intel is expected to begin shipping Apple's lowest-end M-series chip as early as mid-2027. Kuo said Apple plans to utilize Intel's 18A process, which is the "earliest...
Read Full Article112 comments
streaming black friday 2025

Best Black Friday Streaming Deals - Save Big on Apple TV, Disney+, Hulu, and More

Thursday November 27, 2025 1:14 pm PST by
We've been focusing on deals on physical products over the past few weeks, but Black Friday is also a great time of year to purchase a streaming membership. Some of the biggest services have great discounts for new and select returning members this week, including Apple TV, Disney+, Hulu, Paramount+, Peacock, and more. Note: MacRumors is an affiliate partner with some of these vendors. When...
Read Full Article22 comments
iphone air camera

iPhone Air Flop Sparks Industry Retreat From Ultra-Thin Phones

Thursday November 27, 2025 3:14 am PST by
Apple's disappointing iPhone Air sales are causing major Chinese mobile vendors to scrap or freeze their own ultra-thin phone projects, according to reports coming out of Asia. Since the ‌iPhone Air‌ launched in September, there have been reports of poor sales and manufacturing cuts, while Apple's supply chain has scaled back shipments and production. Apple supplier Foxconn has...
Read Full Article242 comments
iphone black friday gold

The Best Black Friday iPhone Deals Still Available

Friday November 28, 2025 6:24 am PST by
Cellular carriers have always offered big savings on the newest iPhone models during the holidays, and Black Friday 2025 sales have kicked off at AT&T, Verizon, T-Mobile, and more. Right now we're tracking notable offers on the iPhone 17, iPhone 17 Pro, iPhone 17 Pro Max, and iPhone Air. For even more savings, keep an eye on older models during the holiday shopping season. Note: MacRumors is...
Read Full Article3 comments
Apple Foldable Thumb

Foldable iPhone to Debut These Three Breakthrough Features

Tuesday November 25, 2025 7:09 am PST by
Apple's first foldable iPhone is expected to launch alongside the iPhone 18 Pro models in fall 2026, and it's shaping up to include three standout features that could set it apart from the competition. The book-style foldable will reportedly feature an industry-first 24-megapixel under-display camera built into the inner display, according to a recent JP Morgan equity research report. That...
Read Full Article130 comments

Top Rated Comments

Unity451 Avatar
Unity451
18 months ago
"Smishing" is about the most un-menacing word I can think of. Beware of the Smishers! (by Dr. Seuss)
Score: 6 Votes (Like | Disagree)
JapanApple Avatar
JapanApple
18 months ago
“Download software only from sources you can trust”
these are words to live by
Score: 4 Votes (Like | Disagree)
kerr Avatar
kerr
18 months ago
Would be good if Apple could do their part.

iCloud, Apple TV+, software/rental purchases: email from no_reply@email.apple.com with Apple logo and blue verified checkmark. Great!

Hardware purchase: dodgy looking email from au_cons_do_not_reply@asia.apple.com, no evidence to suggest it's legitimate even though it is. Gmail understandably sends such emails to spam folder.
Score: 3 Votes (Like | Disagree)
Realityck Avatar
Realityck
18 months ago
Took a week for this news to show up on most press/news services

original source July 2nd. (link was in the OP)
https://www.broadcom.com/support/security-center/protection-bulletin/apple-ids-targeted-in-us-smishing-campaign

Copy Link
Phishing actors continue to target Apple IDs due to their widespread use, which offers access to a vast pool of potential victims. These credentials are highly valued, providing control over devices, access to personal and financial information, and potential revenue through unauthorized purchases. Additionally, Apple's strong brand reputation makes users more susceptible to trusting deceptive communications that appear to be from Apple, further enhancing the attractiveness of these targets to cybercriminals.
These campaigns are mostly conducted via email although increasingly also through malicious SMS. A very recent case saw a threat actor distributing malicious SMS messages in the United States.
Observed malicious SMS:

* Apple important request iCloud: Visit signin[.]authen-connexion[.]info/icloud to continue using your services.

Typically, smishing actors restrict access to their malicious websites to users on mobile browsers and specific regions to evade detection by monitoring systems. However, in this instance, the malicious website is accessible from both desktop and mobile browsers. To add a layer of perceived legitimacy, they have implemented a CAPTCHA that users must complete. After this, users are directed to a webpage that mimics an outdated iCloud login template.
Score: 3 Votes (Like | Disagree)
now i see it Avatar
now i see it
18 months ago
The scams always follow the same game plan. They’re easy to spot.

Always starts out with some sort of threat to create fear and anxiety.
In the past there were some that claimed you had come into tins of money.
Then -always- there’s a link that they provide to “fix” the problem or just a phone number.

Is it a Scam?
Threat or ridiculous + link = yes.
Easy.
Score: 3 Votes (Like | Disagree)
DavidMalcolm Avatar
DavidMalcolm
18 months ago
Honestly, the lack of work done by large companies to cut down on scammers is a huge problem. The number of times I’ve talked to people who end up on a confusing scam website because they clicked on a Google ad for a major company that Google SHOULD have known wasn’t from that company and automatically blocked is staggering. Facebook is equally as guilty.

The fact that there haven’t been mandatory six month payout waits for in app purchases of gift card codes is nuts. The idea that Apple and Google are not required to refund people who buy these gift cards and give them to scammers is nuts to me.

Like how long has this been going on? There are easy steps that could have been put in place years ago that would have stopped these scammers from making tons of money to reinvest into their operations.

Even just a warning label in the back of all gift cards “these are gift cards, if someone over the phone asked you to purchase this and you did not buy this to use yourself or give to a friend and or family member, please return to a store for a refund with your receipt.”

The fact that phone companies aren’t legally required to provide any information about where a call is originating or how long that number has been assigned to that device is nuts. There’s so much that could be done automatically to prevent these scams, but it isn’t in the interest of stockholder value it’s in the interest of the good of society so nothing is done.
Score: 2 Votes (Like | Disagree)
Read All Comments