A favourite scammer trick is to send out emails claiming that your account with a particular online service has been locked or suspended.
Criminals regularly use this tactic to target Apple customers. Many Apple phishing scam emails claim that your Apple ID has been locked.
Here’s one such scam email that hit my spam folder today:
As per usual with such scams, the email – rather crudely in this case – tries to convince me that Apple has locked my account due to “unusual activity”. Supposedly, I need to click a link to verify my account and remove the restriction.
Usually, clicking the link in these scam emails opens a fake website that tries to trick you into logging in with your Apple ID and then providing a large amount of your personal and financial information via a fake account verification form.
Presumably, the scammers are using this approach as a means of bypassing browser phishing filters. Often, when you click a link in a scam email, browsers such as Google Chrome will display a phishing warning page that prevents you from accessing the scam site.
By tricking people into sending an email rather than visiting a website, criminals can avoid such browser phishing blocks.
If you do send the email, you will soon receive a reply, supposedly from Apple Support, that asks for your Apple ID credentials, your credit card numbers and other identifying personal details. The scammers will promise to restore your account as soon as you provide the requested information.
But, just as with the website versions, the scammers will use the information you provide to hijack your Apple account, commit credit card fraud, and steal your identity.
Note that, if you or another person enters incorrect login details too many times, Apple may indeed lock your account for security reasons. This can make the claims of these scammers seem more plausible.
Apple will never send you a generic email demanding that you click a link or send an email to update your account information.