‘You Have to Verify Billing Account’ Apple ID Phishing Scam

According to this email, which purports to be from Apple, your Apple ID was locked due to security reasons.

Supposedly, Apple has detected a sign-in from an unknown device and unusual activity from your account.

The email claims that you must verify your identity and billing details within 24 hours or your account will be disabled.

Clicking the link in the email opens a fake website that looks like it belongs to Apple. Once on the bogus site, you will be asked to sign in with your Apple ID email address and password. Next, you will be instructed to complete a “billing update” form that asks for your name, address, and contact details, your credit card details, and other identifying information.

After you submit this supposed update form, you may then be automatically redirected to the genuine Apple website.

Criminals can now collect the information you submitted and use it to hijack your Apple account. Once in your account, they can:

• Take control of your Apple email and use it to send spam and scam in your name
• Make fraudulent purchases with your account on the app store.
• View and download personal files stored in iCloud
• Conduct fraudulent transactions with your credit card
• Attempt to steal your identity

Keep in mind that Apple will never send you a generic email demanding that you click a link to update your account information.

If you receive one of these emails, just hit the delete key. It is always safer to log in to your online accounts via a trusted app or by entering the address into your browser’s address bar.

Apple phishing scams like this are very common.  The Apple website includes information that explains how to recognise and report such scam attempts.

A screenshot of the scam email:

Transcript of the scam email:

Your Apple ID was locked due to security reasons. We have detected a sign-in from an unknown device and an unusual activity from your account.

Please verify your identity within 24 hours or your account will be disabled due to concerns we have for the safety and integrity of the Apple Community.

Use this link [………] to verify your account.