Several people have reported receiving an email from Apple stating that their Apple ID is locked. All indications are this is not only a scam aimed at getting your Apple ID and password, but if you look closely, you see that it is also very poorly done.
Here is the email being circulated.
At first glance, this looks pretty official and you might not see any reason not to follow the instructions, but a closer look reveals multiple items that tells you this is fake.
If you are not familiar with receiving notices from Apple you would not realize that they don’t use a black Apple logo in the center of the page. The current layout uses a gray Apple in the upper right hand corner, like this.
Also notice that the fake notice is signed “Apple Support Team” instead of the official signature “Apple Support.
Those differences in and of themselves would probably not give anything away but if you examine how poorly the fake notice is written, you might start to get suspicious.
Take a look at the first line of the fake notice which says, “Your Apple ID was sign in to iCloud With Other Devices site at:” Aside from the strange use of capital letters, the phrase was sign in is an indication that the author does not use English as the first language.
A similar error is in the next sentence where it says, “Support team detect unauthorised person accessed. You would expect the sentence to begin with something like, “The” Support team or “Our” Support team. At the very least, they should spell authorized properly.
The notice says, “If you do not update you account within 24 hours it will be temporarily limited. Does anyone know what that even means?
Finally, the signature on the message is all-wrong. An official Apple notification ends with a simple, Sincerely. We have never seen anyone use the phrase, “Thank you for your comprehension.”
Finally, if you looked at the address that the email came from, you would see that it looked like this.
not-reply@noticesuportalertapplecustomerscare.fly.mail.net
There are several red flags in this email address that you should notice.
First and perhaps most obvious, there is notice n the address that references apple.com
We know that a company like Apple has more email addresses than you could possible remember, but they all have one thing in common, they all end in apple.com. Here is the address from the official Apple notice shown above.
AppleSupport@InsideApple.apple.com
Next, notice that the word “support” is missing a “p” in the address. But perhaps the biggest tip-off is the word “scare”, right in the address.
Even noticing a few of these issues should be a warning that something is not right.
But what if you miss all of that and click on the “UNLOCK NOW” button? You are taken to a site that looks like this.
Whomever set this up took a great deal of time to copy the actual Apple ID Log-In page. Here is the official Apple page.
At first glance, these are identical, until you look at the URL. In Safari, where URLs get sshortened by default, the address bar shows Apple Inc. If you select the URL to see the entire address it looks like this.
https://appleid.apple.com/#!&page=signin
The fake page shows this address.
Costomers-stesid.idmacunlocked.ga.
If you click on the address to see the full URL it shows this.
https://costomers-storesid.idmacunlocked.ga/Login.php?sslchannel=true&sessionid=B0LPbAlEdlObEjUGRxG6khTNjxoR93yL4jBgUXU7jIjX1eETMk06CTUWqiOAmmmrGXHAVBIek1cmfQf1
This is obviously not an official Apple page.
By now, we hope you would have seen enough to know this is a scam, designed to get your Apple ID and password. But even if you missed all of these signs, consider one more point.
The original email said you Apple ID had been locked. The email took you to a site that was asking you to enter your Apple ID and current password. If you account was truly locked, your current password would no longer work. Of course, by the time you might have realized that, it would be too late and the scammers would already have you information.
So, what to do?
As a general rule, you should be suspicious of any email like this. Look for signs of improper English, unusual email addresses and URLs that don’t specifically reference apple.com.
And should you get an email that claims your account is locked, we suggest before you do anything, try logging in to your account. If your current ID and password still works, the email is obviously wrong.
If you liked this article, please consider sharing it with your friends and leaving a comment below.
Also, don’t forget to “Like” us on Facebook, “Follow Us” on Twitter and add the Apple Tech Talk channel to your Apple News app.
Apple Tech Talker
I have received such emails and followed instructions to the point they asked for bank details where I stopped and looked further into it.
The first page I was directed to asked for my email and password which I gave the second page was the page asking for the bank detail which I didn’t give
Will my account still be secure
You were smart not to enter your banking details on the second screen. Apple will never ask for that information.
If you haven’t already done so, we suggest you change your email immediately so the scammers cannot get into your account. Try to use a strong password. You may want to check out our article on passwords at: http://appletechtalk.com/world-password-day-2018/
Hope that helps.
Hello, It is March 2020, and you will be happy to know that people are still reading ALL of these posts for information!
My problems are that I do not remember my log in info (is I’d or password) for my Apple account because it has been years since I used it. I do have many email accounts (depending on what I am doing and who the recipients are is how I decide which email is used or given). Yes, I guess this could be called being paranoid…. Or careful, whichever you want.
My question is; Is there someone where we are to send these “emails from Apple Support” to?
Thanks in advance,
carolruth11
Carol:
Thanks for your note and a great question.
You should forward the email to reportphishing@apple.com. This is a monitored mailbox for Apple security so they will see your email but don’t expect to receive a reply. You can get other important information directly from Apple by visiting, https://www.apple.com/ca/legal/more-resources/phishing/.
Thank you very much for the information.
😉
This just happened to me. I am so scared that they may have my info. I thankfully put the wrong thing for the credit card info and it was kicked back. Do you think they still go my info??
Carol:
Thanks for writing. If you have not already done so, we suggest you immediately change the password on you Apple ID account.
It’s hard to say if they already logged in so keep a close eye on your App Store purchased and other credit card transactions.
Regards,
Apple Tech Talker
So I am guessing that the scammers thoroughly read your article and have “upgraded”their scam email. It has the small gray apple in the right corner, and the signature now says Support Team.
I was skeptical of the email I just received and so Googled answers and your article was on that list. There is still some subtle spelling/grammar errors,which I won’t divulge because the scammers are reading your article.Fortunately I haven’t clicked on any links but when I highlighted their email address it was obviously not from Apple.
Thanks for your information. Just wanted you to know the “bad guys” are reading it as well.
I was thinking the same thing. I, too, have received the “updated” email with the corrections. Thieves work hard to get our information and money. Be careful.
LOL I just got one which lead to me researching the email address from the sender which lead me here so clearly the scammers are still not very good. I don’t trust anything even valid email but not being anything apple anything from apple or google I know is a scam.
my email sender was noreply.appleid-apple.accountlocked.customersupport4@akissingi.business
the English has improved though see …
my notice also was signed Apple Team instead of the example showing apple support team. If you get emails like these even from someone you trust best to not follow links & to just log onto the site directly and try logging in. If you are truly locked out you can recover your account in a number of ways without any risk. Also most valid companies even that do lock your account don’t rush to delete them for legal reasons.
When they wanted my SS # I became suspicious. Also none of the links in the site worked.
I wanted to log in with my apple ID on my phone. Sadly I forgot my password and got locked after three times typing the password in wrong (i got the notification on my iPhone saying that my ID got locked).
Weirdly only few minutes later I got that mail. And fell for it.
They asked for my contact details, passport and credit card information. And i gave it to them. Stupid, I know, but getting the mail after I got the notification on my phone made it so real for me and I didnt really think about it.
Anyone else who fell for it?
I ofc blocked already my CC (no substractopms yet, luckily) but Im worried about my passport. I‘m a student, broke AF at the moment and I simply dont have the money to renew my passport right now.
I reported the case to police but I cant stop worrying about my passport information. I also go on vacation in a week and need my passport.
I really dont know what to do.
Received notice that Apple ID locked. Did not want to give info. What do I do?
Linda:
Thanks for writing. Like so many other people that have received this message, we suspect your account is just fine. The easiest way to confirm that is to go to the iTunes Store, iCloud account, or any other Apple site that uses your particular Apple ID and try to sign in. If you ID and password correctly provides you access to the account then you have confirmed it is not locked and you can ignore the message.
In the unlikely event you find your account is locked, you can contact Apple through the official Apple website and ask for assistance.
Hope that helps.
Apple Tech Talker
Hey I received this email. I should have known it was scam when they asked for my social security number. But when I went to credit card part and it said my card is denied. Does it mean they didn’t get it because my card is not of my Apple ID? Do they have it? Please reply because I’m worried that they have it. I’m going to cancel my card to be sure. I changed my password to my Apple ID.
You have just told the scammers what they need to fix in order to make their phishing more convincing… I’ve received such a scam email and I can see that they already fixed many of the things mentioned here (though I could still detect it was a scam)
Hi received a similar email and i clicked it and entered my id and password but chrome didn’t let me login and it said ‘dangerous’ in the url. I was directed to my gmail page(id which is logged into my chrome) where it said password compromised and i hate to change my gmail password. After i did that i changed my apple password too.
Is there a possibility that my chrome was hacked? Because all my passwords are saved on my chrome id.
Hope to hear from you asap
I just received an email from noreply@apple.com telling me my Apple ID is locked. it’s apple.com, so it should be official?
Julie:
We suggest you still be careful. Rather than clicking on the link, try to log in using your Apple ID either on one of your Apple devices or on the Apple web site. If you are able to log in, you will know that your account is not locked and this was a scam.
Good luck and thanks for visiting Apple Tech Talk.
Hi
I think i may have been sucked in by a faulse outfit saying they were from apple and that they were going to shut me down within 24 hrs owing to unusual actavity.
they asked me to log in which i did and went all the way asking me for my bank card details which i assumed would be ok as they seem the real apple contacting me.
They even asked for photos for some card they said i have to supply them photos for just all seems weird but i never gave them photos.
What immediate steps should i take ,or can take to avoid them taking money out of my account as they have been given my bank of scotland visa debit card details.
Many thanks if you can respond soon as poss
Thanks alan
Hi Kenny:
Thanks for writing to us. It does sound like you make have given out a little too much information. Apple would never request credit card information unless you are actually making a purchase and even then, they offer to send you to a special web site so you don’t have to provide the card details over the phone.
We suggest that you immediately contact your bank and tell them that your account may have been compromised. They should close down your current credit card and send you a new number. You should also change your on line account password as well as your Apple ID password.
Good luck.
Great article!
I received two emails within the same hour basically stating the same thing and using the same server name (which looked phony and not at all related to Apple). That along with the classic misspelling and bad grammar motif, I was certain it was a scam. I see email scams frequently and was immediately suspicious of these emails which always leads me to my next vetting step which is to verify from a different source that led me here. If however, it turned our I thought it was legit, I would try to contact the source (Apple in this case) to verify, but would never use the contact information from the suspicious email.
Thanks again!
Keith
just a heads up it is February 11th 2019 and they are sending around a second version of this stating your apple ID has been locked, looks pretty legit except the English is pretty bad. They almost got me last year with it, typed in my used name and password, the second page pops up and asks for my credit card info etc and i immediately backed out, closed all web pages, cleared all the cookies and web data from m phone, reset my password and emailed apple support about the phishing email.
I just got my second email today, the first was in December. Today I wised up and turned to google. In December Somehow I spent a couple cents to much on a purchase and My iTunes was locked but I didn’t notice right away, it was the amount of undownloeded updates that caught me attention and I just so happened to get the email shortly after. I couldn’t figure out what was wrong I assumed it was related and a little panicked so I didn’t notice the problems with the email at first glance. I did click on the link (hopefully that didn’t put me at risk) however that’s when I noticed something was wrong, I was warned about the link and then it didn’t work. Apple has it a little more together than that. I let it go howeverI got the email again today and after a quick check my account was fine.
Just received an email claiming same thing. I’m sure the scammers have read this story because some things have been changed based on the differences mentioned but when they asked for ssn I figured it was a scam. I can send screenshots of email if needed.
Hi Nick:
Thanks for reaching out to Apple Tech Talk. Glad our article helped.
I received to email about the locked account today. You’re right, English is not their best subject. It’s a scam, and not a very good one!
I got this e-mail tonight. I signed into my account with the wrong password and they excepted it by saying my account was verified, I got suspicious of the e-mail when it had all this private information being asked for, so I went straight and changed my password for Apple ID and a few other places.
I just receive this email saying that my apple is locked due to security reasons. It does look suspicious. The link to click to verify is https://appleid.apple.com. When I click the link it goes to https://manage.apple.com-en.infoq39783restord.punbigi.com/session/?view=login&appIdKey=6657a36eabc2b86&country=US. This is an apple.com.
This sounds like it is definitely a scam. We suggest you ignore it. If you do find any issues with your Apple ID, you should contact Apple directly.
I fell for this i put in my ss number thought it was odd but went to next screen and it was ask for card number and I know I got none on file so I stopped and closed out but do they still have everything else? I went on the real web site and changed my password real quick but worried they go ss number help!!
I just got the same email. I am always suspicious of things like this, So I checked SNOOPS and got the answers I was looking for. Thanks for helping us and good luck to all who received these.
Hi
Can someone help me? I keep getting emails that says my Apple ID is locked. How do I know it’s safe?? I don’t want it to be permanently locked.
The easiest way to check this is to go to the official Apple ID site at https://appleid.apple.com/#!&page=signin and sign in using your regular Apple ID and password. If you can sign in, then your account is OK and you have nothing to worry about.
Remember that Apple does not send our emails asking for your ID and password. As we discuss in the article, the scammers make their sites look very official so always check the actual address in your browser bar.
Hope that helps.
I received one of these scams yesterday, I signed into my account and I wasn’t blocked. Thanks for the e-mail.
I just received an email saying that my apple id will be locked within 24 hrs. I figured it was a scam and have done nothing. Will my accounts be safe if i just delete the scam? Thank you
Linda, you should be fine. Just delete the email and ignore it.
I too just got an email this morning similar to one Linda Carrington got. I almost clicked on the link but suddenly had second thought and deleted the email. I then googled “apple account lock” and found this website. Thank you.I guess the scam is back at it again.
I received the same e-mail yesterday, didn’t open it. This crap is getting worse.
I just received an email similar. I opened the first one, went as far as even clicking unlock now, before I looked at the email address which was just a bunch of letters. I received a SECOND email the same day, which caused me to do a google search and found this page. Happy I didn’t get too far into it.
I did go ahead and change my Apple ID password anyways, just because I haven’t changed it in a while.
Thanks!
Just received email I clicked of link however link they took me to on safari didn’t load In time – Thus I just cancelled screen as I started getting suspicious…I went into my Apple ID settings and found a ‘windows’ name was added to the phone’s my Apple ID is currently logged into I instantly removed them and changed my password & also removed any web browsing history and cookies from phone. Do you feel this is enough? I did not log in or give any details like people are saying they have via the link they take you too please reply and let me know help would be much appreciated! Thanks 🙂
Kelly:
This s the first time we have heard of someone finding a new device added to their account. Of course there is no way to tell if they actually did anything from the phone but the fact that it was a “Windows” phone means they probably didn’t buy and apps.
Changing you ID was wise. If you have a credit card associated with your Apple ID you should watch that account closely to make sure there are no unintended charges. If you have online access to that account, you may want to change that password too.
Good luck.
I keep getting the emails saying this as well. When I go into the store my Apple ID works just fine so I’ve been ignoring them. The address I’m getting is this: Apple ID
just in case anyone else gets them and wants to know
Hello
I received an email today where the details were similar to the passages mentioned in this thread. The apple was missing however. Anyways, I viewed this on my iPhone, so it was after clicking on the verify button link that I sniffed a scam.
I noticed the oddness of the website after it navigated me into the safari app, so I closed it and reported the email to my inbox as a phishing email.
Should I do other precautions, such as changing my Apple ID, or is that fine because I haven’t entered anything on that website? (my only worry is that I clicked on the button in the email)
Anne, thanks for your note. You were smart to recognize this potential scam and not enter any information. We don’t think you need to change your Apple ID but to be safe, we suggest you change your Apply ID password. If you use that same password on any other site, you short change those too.
So I received an email today claiming that my Apple ID was locked and that it would be permanently deleted within 12 hours. I clicked on the verify button, and was greeted with the Apple ID verification screen on Safari, but I noticed that there were a few things off about this website. The first of these was that the URL was alien to what I might’ve expected. The second was that none of the links leading to other sections of the website (only the boxes asking for an ID and a password worked, and I didn’t enter any information in those boxes).
After checking to see if my Apple ID was actually locked (it wasn’t), then double checked the email address of the sender (the email did not end with apple.com), I closed the tab with the fraudulent site, changed my password, checked to see if my account has two factor (it does), and cleared my Safari data to remove possible cookies.
Any other precautions I should take?
Connor:
Great job. You looked for, and recognized the warning signs of the scam. It sounds like you have done everything you need to, to keep your data protected.
[…] saying that your Apple ID has been locked. We first reported on this in 2017 (read our report here), and posted a follow-up n 2018 (read the follow-up […]
Someone charged my account, Order no. 76527TR1212AS, Document No. 7788672489 that I did not authorized. It was purchased through the App Store. How do I get this off my account?
Thank you.
Delia:
You can contact Apple directly at https://reportaproblem.apple.com. There you can dispute the charge and request a refund.