iPhone-owners beware. A new text messaging scam, designed to access personal information from Apple ID such as address and credit card details, has hit the headlines over the weekend.
Users have been told to delete messages which appear to be sent from Apple and warned not to enter any details when prompted.
Worried you’ve been affected? Read on and we’ll tell you everything you need to know about this latest Apple ID scam.
What’s the scam?
iPhone users say they have been receiving official-looking text messages, claiming to be from ‘Apple Support’, warning that their Apple ID password is about to expire.
They are told to head to a link within the text message, where they are asked to enter their current password on a clerkly cloned version of Apple’s official website.
Apple ID is Apple’s centralised system which allows users to buy apps, music, films and TV shows.
Apple never prompts users to change passwords due to imminent expiry, marking this text message out as a clear fake.
What happens next?
Once they’ve entered their password, users are told that they have had their Apple ID account locked.
To ‘unlock’ it, they are then asked to enter a string of personal information, including address details and credit card numbers.
The fear is that these could be used either for immediate fraud or for identity theft.
How do I know it’s a fake?
Anything asking for credit card information or account passwords without you first going to a site with the express motive to set up an account or change personal information can generally be marked out as unsafe.
Closer inspection of the web address, in this case appleidlogin.co.uk, clearly shows it to be illegitimate.
Apple has a dedicated page for these attacks, known as phishing scams, which detail how you can spot them in text messages and emails.
What do I do if I’ve entered my details?
Head to Apple’s official Apple ID page and follow the instructions to change your password.
If you’ve handed over your credit card or bank details, phone your provider and have your cards cancelled immediately.
If you are concerned that you have given enough information to be a victim of ID theft, such as current and previous addresses and your date of birth, contact Cifas to get a copy of your credit report and report it to Action Fraud.
What has Apple said about the attacks?
Nothing yet. However, like all major tech companies that hold millions of people’s secure data, it keeps a vigilant eye on how its mobile platform is being attacked by hackers.
Expect it to make an official, if brief, statement.
However, it’s unlikely to do much more than point to its official phishing guidelines.