If you get a text message claiming to be from Apple Support asking you to share details about your Apple ID username and password, don’t take the bait!
The text is part of a phishing scam that’s been making the rounds, informing users that their Apple ID has expired and that they need to go to a particular website to get a new one — only problem is Apple IDs don’t “expire” and the website you’ll be linked to is fake.
The text message was first spotted by The Independent, and has been described in screenshots on Twitter.
Anyone else received one of these Apple ID texts? Is it all above board or is it some kind of phishing scam? pic.twitter.com/KUfMZtggUF
— Dave Vitty (@davidvitty) April 16, 2016
“[Name] your Apple ID is due to expire today. To prevent termination confirm your details at http://appleidlogin.co.uk — Apple Support,” the message says. It currently seems as though the scam is only targeting those in the U.K. While Apple has yet to respond on the issue, the company says that it would typically not approach a user through an email or text of this nature.
“As a general rule, never send credit card information, account passwords, or extensive personal information in an email unless you verify that the recipient is who they claim to be,” says the company an official support page.
It’s important to note that those rules don’t just apply to Apple users — if anyone gets an email from a company (be it PayPal, eBay, Google, and so on) asking for login information, it should be highly scrutinized. If you get an email saying that your account has been compromised, one way to play it safe is to head to your account by going to the official website in a web browser and then change your password, rather than following any links in the email or text message.
It’s common for scammers to include a link in a message that might look like they lead to an official website, but they then turn out to point to a website that is part of a phishing scam.
Of course, this isn’t the first time that scammers have created a phishing scheme aimed at getting login information from iPhone users. Commonly, however, these schemes do not take place over text, normally coming in the form of an email.