iCloud support scams

iCloud support scams

iCloud is an increasingly large target for scams of all kinds. It’s a common target for scams involving phishing e-mails. The goal of such scams is to get you to click a link that takes you to a fake iCloud login page, resulting in you submitting your iCloud login credentials to thieves. It’s also frequently attacked via brute-force guessing of weak passwords and weak security questions.

The results of such scams can vary. Some are interested in the purchasing power since iCloud accounts double as Apple IDs, which can be used to make purchases from the Mac App Store, iOS App Store, and even the online and brick-and-mortar Apple Stores.

Other scammers want access to your files – typically photos stored in iCloud – such as the “Celebgate” incident. Celebgate involved a number of celebrities who had their accounts compromised, resulting in the theft and subsequent publication of nude photos.

There was even the recent case of compromised iCloud accounts that were used in an attempt to extort money from Apple, under the threat of wiping all devices associated with the compromised accounts. (It turned out the hackers had far fewer accounts than they claimed and the threatened erasure of devices never happened.)

There’s no doubt, though, that iCloud/Apple ID login credentials are popular targets for hackers.

Interestingly, a Malwarebytes employee has spotted a new iCloud scam attempt. Twice in one day, she received unsolicited phone calls, supposedly from Apple Support, claiming that her iCloud account had been hacked “by Russian hackers,” and asking for her account information.

The first call was from a 1-800 number not associated with Apple. Interestingly, caller ID reported that the second call originated from a legitimate Apple phone number in the 408 area code… which really means nothing these days, as it has become trivial to spoof a phone number for caller ID. (I frequently see local or even familiar phone numbers on the caller ID for scam calls… scammers do this to increase the chances of getting the victim to pick up the phone.)

It’s also worth pointing out that searching the web for something like “Apple support phone number” can also put you in touch with scammers rather than official Apple support. If you’re calling Apple for support, only do so using the contact information found on Apple’s support site (support.apple.com).

Fortunately, she was not fooled and did not give up her account information. It’s important to keep in mind that Apple will not call you in this manner and will not ask you to give them your account information. If someone claiming to be Apple wants this information, hang up.

The correct response if you think your iCloud account has been hacked, and what an Apple representative should tell you to do, is to go to Apple’s website (apple.com), then search for and log into the Apple ID account page. Once there, you can change your account password.

Incidents like this also underscore the need to activate two-factor authentication on your Apple ID/iCloud account.

Be on your guard against scams involving your Apple ID. Never give out your credentials to anyone, not even an Apple representative, and never log in with your Apple ID to any site you reach by clicking a link in an e-mail message.


Thomas Reed

Director of Mac & Mobile

Had a Mac before it was cool to have Macs. Self-trained Apple security expert. Amateur photographer.