Although “Apple ID locked” can be a real warning issued by Apple, a scam has been spreading that uses the same phrase.
Emails talking about app purchase issues are spreading the “Apple ID locked” scam. They lead to fake Apple sign-in pages which tell you that your Apple ID has been locked and ask you to provide lots of personal information – so that scammers can steal it. If you get a warning that your Apple ID has been locked, be very careful and check if it is a genuine warning.
In short about the “Apple ID locked” warnings:
|Threat type||Phishing scam.|
|How the “Apple ID locked” scam spreads||Emails that talk about app purchase issues and lead the recipient to a fake Apple login site.|
|Consequences of the scam||The “Apple ID locked” scam steals personal information, potentially including the password, name, address, and payment information.|
|How to avoid being hurt by the “Apple ID locked” scam||Recognize malicious emails, secure your device against malware (Combo Cleaner, Malwarebytes, others), use 2-factor verification, keep an eye on your bank account.|
What the “Apple ID locked” scam looks like
Emails are being sent to Mac users, talking about payment problems and asking the recipients to urgently update their information. These emails lead to sites that look like genuine Apple websites. They ask users to log in with their Apple ID. After logging in, these sites show this warning:
This apple id has been locked for security reasons.
You must unlock your account before signing in.
This could be a real warning, as described on this page: Support.apple.com. Your Apple ID can get locked after too many failed sign-in attempts. So, if someone is trying to guess your password, Apple locks your Apple ID to protect your account.
However, scammers have been sending out emails pretending to be Apple, threatening that your Apple ID will be locked if you don’t update your information. These emails contain links to fake Apple sites that steal the login details that are entered.
Other scam emails pretend to be receipts for app purchases. They also lead to the same fake Apple login sites.
After showing the “Apple ID locked” warning, the fake Apple sites ask people for a lot of personal information, including name, birth date, and phone number. Sometimes, they even ask for payment details and social security numbers.
This is a lot of personal information. A scammer could use it to steal a person’s identity. And all that scammers need to do is send out enough scam emails to trick just a few people.
If your Apple account really has been locked, you’re supposed to go to Iforgot.apple.com. You may be asked to type in a 2-factor verification code or answer a security question, but you won’t be asked to fill in personal information.
An old scam
Here’s someone describing the situation recently: Discussions.apple.com. The same scam has been around for a few years. Here is an older link: Bleepingcomputer.com.
As you can see, this scam is not new. Unfortunately, it must be effective, as it’s still being used. Here’s an example of the scam email text:
Due to a problem with the payment method you provided, we couldn’t charge your account for your case (#C02-9410698-37689194).
If you don’t update your information in 24 hours, your Apple ID will be permanently locked. To unlock Apple ID, please visit this link to log in to your Apple ID and update your billing information.
Another scam currently affecting Mac users is the “Account Suspended” scam. Other scams include the fake 3 Viruses warnings and various fake software updates. Macs may be more secure than PCs but good security won’t stop social engineering tricks that scammers use.
How to protect yourself from “Apple ID locked” scams
Avoid scam sites
The “Apple ID locked” emails look very legitimate. They spread links to malicious websites that also look very convincing. Nevertheless, they’re fake.
Do not trust links in unexpected emails. A good habit to adopt would be to seek out the login site yourself. Also, familiarize yourself with Apple’s tips on how to recognize legitimate emails: Support.apple.com.
How did scammers get your email? There are a lot of ways. One is that a website where you registered with this email leaked your data. Check Haveibeenpwned.com for that.
Another is for shady apps and browser extensions to have taken your data. Scan your computer for adware infections with Combo Cleaner, Malwarebytes, or another anti-malware tool.
If you fell for a scam
Use a reputable anti-malware program to make very, very sure that there are no low-reputation or potentially unwanted apps on your Mac. Then, change your passwords and make sure that 2-factor verification is on where possible.
Then, observe your bank account. If you’re really concerned, just call your bank – they’ll know how to help you.
There are a lot of good resources online on how to react to falling for a phishing scam. Importantly, be aware of scams. If a malicious actor has your information, they may come after you again by sending you targeted emails or calling you – ignore them, don’t interact with them.