Watch out for this Apple impersonation scam

Fraudsters try to steal personal data via ‘locked Apple ID’ email

Scammers are again impersonating Apple in an attempt to obtain personal data from unsuspecting victims. 

The latest scam involves fraudsters sending phishing emails claiming the recipient’s Apple ID has been locked due to ‘multiple failed sign-in attempts’. 

Apple users were targeted by a similar scam last year, where fraudsters sent text messages to users claiming their Apple Pay accounts had been suspended. Read on to find out more about how this latest scam works.




Apple ID scam email

This is an example of the latest scam email purporting to be from Apple. 

The first giveaway that this is a scam is the sender’s address – it consists of random letters and doesn't come from the apple.com domain. 

The message begins by saying:

‘Your Apple ID has been locked on Friday, January 27 2023 for security reasons, we have detected multiple failed sign-in attempts to your Apple ID.’

The body of the email contains spelling and grammar mistakes, which also raises suspicions about its authenticity.

The email aims to panic you into thinking your account may be at risk and encourages you to act quickly. You are told that someone knows your password and that verifying your account is the only way to secure it. 

If you click the ‘Verify Your Account’ button, you are taken to a QR code generation website.

What are QR code scams?

QR codes are used by scammers to phish for your personal data. 

When you scan a QR code, you may be taken to a dodgy website where you’re asked for personal information, such as your email address, home address, phone number or bank account information.

Malware may also be downloaded onto your device, which could give fraudsters access to your personal details.

How to spot and report scam emails

You should always check the sender's address when you receive an email from a brand. Legitimate emails will always include the brand’s name and genuine website domain in the sender’s address (e.g. @apple.com).

Additionally, companies will typically address their customers by name and messages will always include up-to-date branding.

If you’re suspicious, it’s always best to log into your account with the company to check if the information in the email is legitimate. If you have any concerns, delete the email. 
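The sender-address check described above can be automated for a mail filter or triage script. The following is an added example, not part of the original article: it compares the brand named in a From: header with the domain the address actually uses. The `BRAND_DOMAINS` mapping, the verdict names and the sample headers are assumptions made for illustration.

```python
from email.utils import parseaddr

# Assumption for this example: each brand name mapped to domains it sends from.
BRAND_DOMAINS = {"apple": ("apple.com",)}


def domain_matches(domain, allowed):
    """True if domain equals an allowed domain or is a subdomain of one."""
    domain = domain.lower().rstrip(".")
    # Compare on a label boundary so "apple.com.evil.example" does not pass.
    return any(domain == a or domain.endswith("." + a) for a in allowed)


def check_sender(from_header):
    """Classify a raw From: header value as (verdict, detail)."""
    display, addr = parseaddr(from_header)
    if "@" not in addr:
        return ("mismatch", "no parsable sender address")
    domain = addr.rsplit("@", 1)[1]
    text = (display + " " + addr).lower()
    for brand, allowed in BRAND_DOMAINS.items():
        if brand in text:  # simple substring test on the brand name
            if domain_matches(domain, allowed):
                return ("consistent", domain)
            return ("mismatch", f"claims {brand}, sent from {domain}")
    return ("no-brand-claim", domain)


# Constructed sample headers, not taken from the real scam email.
SAMPLES = [
    '"Apple ID" <xkqjzpw@mail-example.test>',
    "Apple Support <support@apple.com.account-verify.example>",
    "Apple <noreply@email.apple.com>",
    "Newsletter <news@shop.example>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(check_sender(header), header)
```

A "consistent" verdict only means the visible address matches the brand. The From: header can be forged, so it should be read alongside the receiving server's SPF, DKIM and DMARC results.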

You can report scam emails by forwarding them to report@phishing.gov.uk. 

You can also report the email to your provider by selecting ‘Report Spam’ on Gmail, the ‘Report phishing’ button on Hotmail or by forwarding emails to abuse@yahoo.com if you're using a Yahoo account.