New Cyberattack Targets iPhone Users: How to Protect Your Apple ID

Security software company Symantec issued an alert on Monday, warning of a new wave of cyberattacks targeting iPhone users in the U.S. that aim to steal Apple IDs through a sophisticated phishing campaign. These attacks involve malicious text messages, known as “smishing,” designed to trick users into revealing their credentials.

The Threat: Phishing for Apple IDs

Cybercriminals are sending text messages that appear to be from Apple, urging recipients to click on a link and log into their iCloud accounts. These messages often include a CAPTCHA challenge to enhance their appearance of legitimacy. For example, a typical phishing text might read: “Apple’s important request to iCloud: “To continue using your services, visit signin[.]authen-connexion[.]info/iCloud.” Upon clicking the link, users find themselves on a fraudulent iCloud login page, potentially leading to the theft of their credentials.

Broadcom owns Symantec, which emphasises the importance of Apple IDs for cybercriminals. These credentials provide access to a wealth of personal and financial information and the potential for unauthorised purchases, making them highly sought after. The widespread use of Apple IDs means many potential victims for these phishing campaigns.

Moving Markets

How to Protect Yourself

To safeguard against these smishing attacks, iPhone users should follow these precautions:

  1. Verify the Source: Be wary of any text messages that appear to come from Apple. The message is likely fraudulent if it is from a random phone number. Apple typically does not send unsolicited messages asking for personal information.
  2. Avoid Clicking Links: Do not click on links in suspicious messages. Instead, go directly to the official login page for iCloud or other Apple services.
  3. Enable Two-Factor Authentication: Activate two-factor authentication (2FA) for your Apple ID. This adds an extra layer of security by requiring a verification code and your password.
  4. Recognise Scam Indicators: Apple support representatives will never ask you to provide your password, device passcode, or 2FA code via a link or phone. If someone requests this information, they are likely a scammer.
  5. Update Security Software: Ensure your computer and mobile phone are set up to automatically update security software. This helps protect against the latest threats.

Apple advises users to be cautious with any unexpected requests for personal information. If you receive a suspicious message or call, contact the company using official contact details.

What to Do If You Suspect a Scam

If you receive a message or call that you believe is a phishing attempt, do not respond. Hang up the call or delete the message. Report the incident to Apple or the Federal Trade Commission (FTC). The FTC also recommends regularly updating your security software to protect against new threats.


As cybercriminals become more sophisticated in their attempts to steal personal information, staying vigilant and informed is crucial. By following these protective measures, iPhone users can help safeguard their Apple IDs and personal data from phishing attacks. Remember, when in doubt, to contact the company directly to verify the legitimacy of any suspicious communications.


About Post Author