Phishing Alert: Fraudulent Apple Support Impersonation

We are seeing an increase in a sophisticated phishing scam targeting Apple account holders, including business users.

In this scenario, individuals receive text messages claiming that an unauthorized login attempt has been detected on their Apple account. Shortly afterward, they receive a phone call from someone posing as an Apple Support representative. The caller asserts that the account has been compromised and advises that a support case has already been opened to assist with securing the account.

To reinforce the deception, victims may receive a legitimate email from Apple Support containing a real case number. While the email itself is authentic, the support ticket was initiated by cybercriminals—not by Apple—using publicly available support channels.

The attacker then attempts to “resolve” the issue by requesting the account’s security or verification code, claiming it is needed to close the support ticket. Providing this code enables the attacker to take full control of the Apple account.

Business Impact

Compromised Apple accounts can expose corporate email, cloud storage, device backups, and sensitive business data, potentially leading to broader security incidents.

Recommended Actions

• Employees should never share security or verification codes, regardless of how legitimate the request appears.
• Any unexpected account-related calls should be treated as suspicious.
• Users should independently contact Apple Support through official channels to verify any claimed issues.
• Organizations should reinforce security awareness training and incident reporting procedures.