Apple has issued a warning to its global user base as a sophisticated new wave of social engineering scams targets iPhone owners.
These attacks, which are currently surging across the US and Europe, aren’t trying to break into your phone with code; they are trying to break into your bank account by tricking you into a state of panic.
The scam usually starts with a simple, official-looking text message. It might claim there has been a suspicious charge on your Apple Pay or that your account has been locked. According to a report by ConsumerAffairs, the trick’s effectiveness lies in how it makes people feel: “It’s becoming widespread because it creates panic in its victims,” the publication noted.
Once you are worried about your money, the message helpfully provides a phone number to call. If you dial it, you won’t reach a support staff at an Apple Store. Instead, you’ll be connected to a fraudster pretending to be an official investigator or a support agent.
In some extreme cases, victims have been talked into withdrawing massive amounts of cash. ConsumerAffairs reported on an instance in which a woman was nearly convinced to withdraw $15,000 before a bank teller stepped in to stop her.
What Apple will never ask you to do
To combat these scammers, Apple Support has released a clear set of guidelines to help users distinguish between a real notification and a criminal’s hook. The most important thing to remember is that Apple does not participate in the high-pressure tactics used by scammers.
“Apple will never ask you to log in to any website, or to tap Accept in the two-factor authentication dialogue, or to provide your password, device passcode or two-factor authentication code, or to enter it into any website,” according to Apple Support.
Furthermore, the company warns that scammers may try to lower your guard by asking you to disable security features such as Stolen Device Protection or Two-Factor Authentication. Apple clarifies that they will never ask you to disable these protections to help you.
The red flags to watch for right now
Security experts and Apple itself say these warning signs should immediately raise your suspicion:
- A text or email arrives out of nowhere, warning about Apple Pay activity
- The message contains a phone number and asks you to call it
- There’s pressure to act immediately or face consequences
- Someone asks for your passwords, security codes, or personal information
- You’re told to move money, withdraw cash, or lie to your bank
If a scammer gets far enough into the conversation, they will typically steer you toward a fake website designed to look like Apple’s sign-in page, where they’ll harvest your credentials and lock you out of your own account.
How to protect yourself and report scams
If you receive a suspicious message, the best move is to do nothing at all. Do not click the links, and do not call the numbers provided in the text. Instead, log in to your Apple account through the official app or website to check your activity.
If you are already on the phone with someone who feels off, Apple Support offers very direct advice:
“If you get an unsolicited or suspicious phone call from someone claiming to be from Apple or Apple Support, just hang up.”
To help stop these criminals, you can report fraudulent activity directly:
- Emails: Forward suspicious messages to [email protected].
- Texts: Take a screenshot and send it to the same email address.
- FaceTime: Send screenshots of suspicious FaceTime calls to [email protected].
In the end, these scams rely on hacking your instincts. Staying calm, verifying information through official channels, and refusing to act under pressure are your best defenses in a landscape where urgency is the attacker’s favorite weapon.
For more on how Apple is strengthening its defenses behind the scenes, check out this breakdown of its latest WebKit security improvements.
