Apple Security Alert Scam Texts EXPOSED – Full Investigation
Written by: Thomas Orsolya
Published on:
Apple Security Alert scam texts are designed to look like urgent fraud notifications. They claim your Apple ID was used for a recent purchase, warn of suspicious sign-ins or Apple Pay activity, and push you to call a “support” number immediately.
If you call, you reach a fake tech support center. The scammer will try to scare you into giving remote access to your device, sharing account or banking details, or paying with gift cards.
Treat these messages as smishing. Do not call the number in the text.
Scam Overview
This is a classic smishing setup.
“Smishing” is phishing by SMS text message. The FBI defines smishing as a phishing variation that happens through text messages, and the same playbook applies here: impersonate a trusted brand, create urgency, and push the victim into an action that benefits the scammer.
The Apple Security Alert scam message pretends to be an “Apple Security Alert” and uses a very specific charge amount of $143.95.
That number is not random.
Scammers use exact-looking amounts because vague messages feel fake. A number like $143.95 makes the alert feel like a real transaction record. It pushes your brain into reaction mode before you slow down and verify anything.
The text also includes multiple triggers in one message:
A recent Apple Store purchase
A suspicious sign-in request
An Apple Pay activation request
A warning that the charge may be auto-debited
A demand to call a number immediately
This is deliberate layering.
If one claim does not scare you, another one might. If you do not care about the purchase, you might panic about account access. If you ignore the sign-in warning, the threat of an irreversible charge may push you to act.
Why this scam feels believable to so many people
The message is written to sound like a fraud department or billing alert.
Even though the grammar is sloppy, the structure mimics real support communications. It mentions “Customer Support,” “Billing Support,” “Apple Support,” and “Apple Pay Pre Authorization” to create the impression that the message came from a legitimate corporate system.
This is a common tactic in social engineering.
Apple explains that social engineering attacks rely on impersonation, deception, and manipulation, and scammers often pretend to be a trusted company to persuade you to hand over credentials, security codes, or financial information. Apple also notes that scam calls and messages may impersonate Apple Support or other well-known organizations.
The scammer does not need perfect grammar.
They only need enough credibility to get you to call.
Once you call, the text message has already done its job.
The biggest red flags in the text you received
The wording in your message has several clear warning signs.
1) It pressures you to call immediately
The message says failing to act may lead to an automatic debit and the charge will not be reversed.
That is emotional pressure, not normal support behavior.
The FTC warns that real security warnings and messages will not ask you to call a phone number, and legitimate tech companies do not contact people by phone, email, or text to tell them there is a problem with their device.
2) It tells you to use the phone number inside the suspicious message
This is the central trap.
The scammers want you to use their number, not Apple’s real support channels. The FTC specifically advises that if a message seems real, contact the company directly using a phone number you know is real, not the number included in the message. The FBI gives similar advice and tells people to look up the company’s number on their own.
3) It mixes billing language with security panic
The message mentions billing, account security, sign-in activity, and Apple Pay activation in one breath.
That is a common scam pattern because it broadens the attack surface. The scammer is trying to hook both types of people:
People who panic about money
People who panic about account security
It is not a real fraud investigation. It is a conversion script.
4) It uses awkward phrasing and inconsistent formatting
Phrases like “That looks like suspicious to us” and “Failing may lead to auto debit” are not how legitimate Apple messages are normally written.
Scam texts often contain awkward grammar, inconsistent capitalization, or strange phrasing because they are mass-produced, copied, or adapted from other scams.
This alone does not prove a scam.
But when combined with urgency and a phone number, it is a major red flag.
5) It creates a false deadline
The message implies you must act immediately or lose the ability to reverse the charge.
Scammers use this because urgency shuts down careful thinking.
Apple’s own guidance says if you are suspicious about an unexpected message or request for personal information or money, it is safer to presume it is a scam and contact the company directly if needed.
Why the phone number is the real weapon in this scam
A lot of people think the danger is the text itself.
The real danger starts when you call.
The phone number in this kind of Apple Security Alert scam usually routes you to a fake support center. It may sound organized, with hold music, scripted agents, department transfers, and case numbers. The person answering may introduce themselves as “Apple Support,” “Apple Billing,” “Fraud Prevention,” or “Senior Security Specialist.”
That polished phone experience is part of the scam.
The goal is to make you feel like you reached the right place, then guide you step by step into giving away access, information, or money.
Apple warns that scammers may even call from a number that appears legitimate due to caller ID spoofing, and advises hanging up and dialing a vetted company number yourself if the call seems suspicious.
So even if the text looks fake, the follow-up call can feel real.
That is where many victims get pulled in.
How this scam often turns into fake tech support
This is not only an Apple impersonation scam.
It often becomes a fake tech support scam once you call.
The FTC describes this exact pattern across many brands. Tech support scams can start with a bogus warning or a text message. Once the victim calls, scammers ask for remote access, pretend to scan the device, claim to find malware or security issues, and then push for payment or personal information.
Your added detail matches that pattern closely.
You noted that the scammers may claim your device is infected or hacked, ask to connect remotely through AnyDesk or a similar app, and then try to extract bank information or steal money. That is a very common escalation path in these scams.
AnyDesk itself warns that scammers can misuse remote access software to connect to a victim’s device and steal data, access codes, and money, and it emphasizes a simple rule: never give unknown people access to your devices.
That is why this text is so dangerous.
It starts as a fake billing alert, but it can quickly turn into a full account takeover or financial theft operation.
Why scammers mention Apple Pay and suspicious sign-ins
Those phrases are not accidental.
Scammers choose Apple-specific terms because they sound technical enough to feel legitimate but familiar enough that most people understand them.
“Apple Pay activation request” is especially effective because it suggests someone is trying to link your payment credentials to another device.
Even if the victim does not use Apple Pay often, the phrase feels serious.
The “suspicious sign in request” wording is also designed to trigger fear about identity theft. The victim may think someone already has their Apple account password, or that their account is actively being accessed.
That emotional state is exactly what the scammer wants before the phone call begins.
Apple warns that scammers seek passwords, security codes, and financial information, and that users should never share Apple Account passwords or verification codes. Apple also states that it does not ask for this information to provide support.
Why gift cards show up in these scams
Gift cards are a major sign that the call is fraudulent.
In many cases, the fake support agent will eventually say they need to “secure your account,” “reverse a refund error,” or “verify a safe payment method.” Then they ask for gift cards and the codes on the back.
That is always a scam.
Apple warns users never to use Apple Gift Cards to make payments to other people. The FTC also states that no legitimate company will ask you to pay for tech support with a gift card.
Scammers ask for gift cards because they are fast, hard to reverse, and easy to cash out or resell.
Once the codes are sent, the money is usually gone.
The hidden risk most people miss
Many people focus only on the fake charge.
The bigger risk is what happens after the call starts.
Even if no charge exists, the scammer can still steal from you by doing any of the following:
Getting remote access to your phone or computer
Watching you log into banking or email accounts
Asking for Apple verification codes
Sending you to a fake site that looks like Apple
Convincing you to “refund” money that was never sent
Pressuring you into gift card purchases
Installing software or profiles that give them ongoing access
The FBI notes that phishing and spoofing scams are designed to manipulate victims into downloading malware, sending money, or disclosing sensitive information. It also warns that spoofed phone numbers and lookalike websites are used to build trust.
That is why this is more than an annoying spam text.
It is the front end of a broader fraud and identity theft attempt.
How The Scam Works
Step 1: The fake Apple Security Alert text arrives
The scam usually begins with a text message that claims there was an Apple purchase, account problem, or Apple ID security issue.
The message often includes:
A specific dollar amount
A suspicious login warning
A request to call immediately
A fake support number
A threat that the charge will go through if you do nothing
This works because it creates a false emergency.
The FTC has documented similar scam messages that claim a purchase or subscription charge and instruct people to call if they did not authorize it. That same pattern appears here, just tailored to Apple branding.
Here is how it might look:
[Apple Security Alert]
We have noticed that your Apple id was recently used at “APPLE STORE” for $143.95, paid by Apple Pay Pre Authorization. Also some suspicious sign in request and apple pay activation request detected. That looks like suspicious to us. In order to maintain the security and privacy of your account we have placed those request on hold. If NOT you? Please Call +1 850-[removed] to talk to an Apple Representative. Failing may lead to auto debit and charge will not be reversed. Call +1 850-[removed] immediately to cancel this charge.
Customer Support: +1 850-[removed]
Billing Support : Subscriptions and Billing – Apple Support
Step 2: Panic and urgency override verification
Most victims do not call because they are gullible.
They call because the message hits a normal human fear.
People worry about:
Fraud charges
Account takeover
Identity theft
Losing money
Not acting fast enough
Scammers know this.
They write the text to make “call now” feel safer than “pause and verify.”
That is the psychological pivot of the scam.
Apple’s guidance directly addresses this dynamic by telling users to presume suspicious requests may be scams and contact the company directly through official channels if needed.
Step 3: The victim calls the number in the text
This is the moment the scam becomes much more dangerous.
Once the victim calls, the scammer has a live target who is already anxious and seeking help. The fake support agent may sound calm, polite, and professional. They may thank the caller for “reporting the fraud quickly.”
That script is intentional.
A calm voice lowers suspicion and increases compliance.
The scammer may also use fake internal language like:
“Pre-authorization hold”
“Fraud case number”
“Apple server breach”
“Device security sync issue”
“Suspicious token activation”
The words sound technical enough to discourage questions.
Step 4: Fake verification and trust-building
Before asking for anything obvious, scammers often build trust first.
They may ask for harmless-looking details such as:
Your name
Phone number
ZIP code
Device type
Whether you use iPhone, iPad, or Mac
Whether you use Apple Pay
This serves two purposes.
First, it makes the call feel like a real support process.
Second, it helps them tailor the scam. If you say you use a MacBook and iPhone, they know what instructions to give next. If you say you do not use Apple Pay, they may shift the story and claim someone is trying to add your card to another device.
Some scammers also read back public information about you to sound legitimate.
Apple warns that scammers may mention personal information in an attempt to build trust.
Step 5: The scammer introduces a fake threat on your device
Now the caller starts the technical scare.
They may say:
Your Apple account is compromised
Your device is infected
A hacker is connected to your phone or computer
Your banking apps are exposed
They need to “secure the device” before canceling the charge
This is where the scam blends Apple impersonation with a fake tech support script.
The FTC describes this exact behavior in tech support scams. Scammers pretend there is a virus or security issue, push the victim to call, then claim they can fix it.
If the victim sounds hesitant, the scammer increases pressure:
“The charge is pending”
“Your account could be locked”
“We need to act before the fraud completes”
“If we disconnect now, I cannot guarantee reversal”
Everything is built around urgency and authority.
Step 6: Remote access software enters the picture
This is one of the most dangerous escalation points.
The scammer tells the victim they need to connect remotely to “inspect,” “clean,” “secure,” or “process a refund” on the device. They may ask the victim to install:
AnyDesk
TeamViewer
Another remote support tool
A screen-sharing app
A device management profile
A browser extension
They may walk the victim through the setup step by step.
Once the victim installs the software and shares the access code, the scammer may be able to control the device, watch the screen, and manipulate what the victim sees.
The FTC warns that tech support scammers often ask for remote access and pretend to scan the computer for issues. AnyDesk also warns that scammers misuse remote access tools to steal data, access codes, and money.
This is why “I only called them” can still become a serious compromise.
Step 7: The scammer harvests information while pretending to help
Once connected, the scammer can move fast.
They may direct the victim to log into accounts “to verify identity” or “check fraud status.” The victim thinks they are working with support, but they are actually exposing sensitive information in real time.
Common targets include:
Apple account login
Email account
Bank account
Credit card portal
Payment apps
Password manager
Texted verification codes
Scammers may also send the victim to a spoofed website that looks official.
The FBI warns that phishing scams often use lookalike websites to steal passwords, credit card numbers, and other sensitive information.
Some scammers go further and manipulate what appears on the screen.
They may edit a page, use browser tools, or rely on a fake portal to make it look like a refund was processed or a larger amount was sent by mistake. Then they demand that the victim pay back the “difference.”
Step 8: The fake refund or overpayment trap
This is a very common endgame.
After the remote session starts, the scammer claims they issued a refund for the fake Apple charge. Then they say an “agent error” caused too much money to be refunded.
Example script:
“We accidentally refunded $1,439.50 instead of $143.95”
“You need to return the difference right now”
“If you do not send it, it will be reported”
This is pure fraud.
The FTC has documented this exact pattern in tech support scams, including fake charges, calls to dispute them, remote access, a spoofed site, and a false claim that the refund amount was entered incorrectly.
Then comes the payment demand.
Step 9: The payment demand through gift cards or other hard-to-reverse methods
Once the scammer claims there is a refund problem or account security issue, they push for payment in ways that are hard to recover.
Common methods include:
Gift cards
Wire transfer
Bank transfer
Cryptocurrency
Payment apps
The FTC specifically warns that tech support scammers often insist on these payment methods because they work like cash and are hard to get back.
In the Apple-themed version of this scam, gift cards are especially common because the scammer may pretend they are part of Apple billing, App Store verification, or account restoration.
Apple and the FTC both make this point clear in different ways:
Apple says never use Apple Gift Cards to make payments to other people.
The FTC says no legitimate company will ask you to pay for tech support with a gift card.
If a caller asks for gift cards, the scam is confirmed.
Step 10: Credential theft and account compromise continue after the call
Even after the payment part, the scam may not be over.
If the scammer got remote access or credentials, they may continue trying to exploit the victim later. They might:
Attempt password resets
Try to access email
Reuse passwords on other sites
Use saved browser credentials
Contact the victim again pretending to be a “recovery department”
Sell the victim’s information to other scammers
This is why response speed matters.
If a victim changes passwords quickly, removes remote access, and contacts their bank, they can often stop further damage.
Apple advises changing your Apple Account password immediately if you believe it was compromised or you entered information on a scam site, and to make sure two-factor authentication is enabled.
Step 11: The scammers may spoof numbers and recontact victims
A lot of victims block the first number and assume that solves it.
Sometimes it does not.
Scammers often use different numbers, spoofed caller IDs, or follow-up texts to continue the attack. They may claim to be:
Apple escalation team
Bank fraud department
Refund department
Law enforcement
Gift card verification team
The story changes, but the goal stays the same.
Apple explicitly warns that suspicious calls may appear to come from a legitimate company number due to spoofing. The FBI also explains spoofing as disguising a phone number, sender name, or website to make the communication appear trusted.
That is why it is not enough to judge a call by the number shown on your screen.
Step 12: Why the scam keeps working
This scam keeps working because it combines several proven tactics in one message and one phone call:
Brand impersonation (Apple)
Financial fear (unauthorized charge)
Security fear (suspicious sign-in)
Time pressure (call immediately)
Authority language (support, billing, case handling)
Together, they create a very effective fraud funnel.
The best defense is simple but powerful:
Do not use the number in the message. Use only Apple’s official support path if you want to verify anything.
Apple and the FBI both emphasize this same principle in different ways: do not trust unsolicited contact details, and use known official channels.
Is Your Device Infected? Scan for Malware
If your computer or phone is slow, showing unwanted pop-ups, or acting strangely, malware could be the cause. Running a scan with Malwarebytes Anti-Malware Free is one of the most reliable ways to detect and remove harmful software. The free version can identify and clean common infections such as adware, browser hijackers, trojans, and other unwanted programs.
Malwarebytes works on Windows, Mac, and Android devices. Choose your operating system below and follow the steps to scan your device and remove any malware that might be slowing it down.
Malwarebytes for WindowsMalwarebytes for MacMalwarebytes for Android
Run a Malware Scan with Malwarebytes for Windows
Malwarebytes stands out as one of the leading and widely-used anti-malware solutions for Windows, and for good reason. It effectively eradicates various types of malware that other programs often overlook, all at no cost to you. When it comes to disinfecting an infected device, Malwarebytes has consistently been a free and indispensable tool in the battle against malware. We highly recommend it for maintaining a clean and secure system.
Download Malwarebytes
Download the latest version of Malwarebytes for Windows using the official link below. Malwarebytes will scan your computer and remove adware, browser hijackers, and other malicious software for free.
(The above link will open a new page from where you can download Malwarebytes)
Install Malwarebytes
After the download is complete, locate the MBSetup file, typically found in your Downloads folder. Double-click on the MBSetup file to begin the installation of Malwarebytes on your computer. If a User Account Control pop-up appears, click “Yes” to continue the Malwarebytes installation.
Follow the On-Screen Prompts to Install Malwarebytes
When the Malwarebytes installation begins, the setup wizard will guide you through the process.
You’ll first be prompted to choose the type of computer you’re installing the program on—select either “Personal Computer” or “Work Computer” as appropriate, then click on Next.
Malwarebytes will now begin the installation process on your device.
When the Malwarebytes installation is complete, the program will automatically open to the “Welcome to Malwarebytes” screen.
On the final screen, simply click on the Open Malwarebytes option to start the program.
Enable “Rootkit scanning”.
Malwarebytes Anti-Malware will now start, and you will see the main screen as shown below. To maximize Malwarebytes’ ability to detect malware and unwanted programs, we need to enable rootkit scanning. Click on the “Settings” gear icon located on the left of the screen to access the general settings section.
In the settings menu, enable the “Scan for rootkits” option by clicking the toggle switch until it turns blue.
Now that you have enabled rootkit scanning, click on the “Dashboard” button in the left pane to get back to the main screen.
Perform a Scan with Malwarebytes.
To start a scan, click the Scan button. Malwarebytes will automatically update its antivirus database and begin scanning your computer for malicious programs.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now scan your computer for browser hijackers and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check the status of the scan to see when it is finished.
Quarantine detected malware
Once the Malwarebytes scan is complete, it will display a list of detected malware, adware, and potentially unwanted programs. To effectively remove these threats, click the “Quarantine” button.
Malwarebytes will now delete all of the files and registry keys and add them to the program’s quarantine.
Restart your computer.
When removing files, Malwarebytes may require a reboot to fully eliminate some threats. If you see a message indicating that a reboot is needed, please allow it. Once your computer has restarted and you are logged back in, you can continue with the remaining steps.
Once the scan completes, remove all detected threats. Your Windows computer should now be clean and running smoothly again, free of trojans, adware, and other malware.
If your current antivirus allowed this malicious program on your computer, you may want to consider purchasing Malwarebytes Premium to protect against these types of threats in the future. If you are still having problems with your computer after completing these instructions, then please follow one of the steps:
Malwarebytes for Mac is an on-demand scanner that can destroy many types of malware that other software tends to miss without costing you absolutely anything. When it comes to cleaning up an infected device, Malwarebytes has always been free, and we recommend it as an essential tool in the fight against malware.
Download Malwarebytes for Mac.
You can download Malwarebytes for Mac by clicking the link below.
When Malwarebytes has finished downloading, double-click on the setup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.
Follow the on-screen prompts to install Malwarebytes.
When the Malwarebytes installation begins, you will see the Malwarebytes for Mac Installer which will guide you through the installation process. Click “Continue“, then keep following the prompts to continue with the installation process.
When your Malwarebytes installation completes, the program opens to the Welcome to Malwarebytes screen. Click the “Get started” button.
Select “Personal Computer” or “Work Computer”.
The Malwarebytes Welcome screen will first ask you what type of computer are you installing this program, click either Personal Computer or Work Computer.
Click on “Scan”.
To scan your computer with Malwarebytes, click on the “Scan” button. Malwarebytes for Mac will automatically update the antivirus database and start scanning your computer for malware.
Wait for the Malwarebytes scan to complete.
Malwarebytes will scan your computer for adware, browser hijackers, and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Quarantine”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malware that Malwarebytes has found, click on the “Quarantine” button.
Restart computer.
Malwarebytes will now remove all the malicious files that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.
After scanning, delete any detected threats. Your Mac should now be free from adware, unwanted extensions, and other potentially harmful software.
If your current antivirus allowed a malicious program on your computer, you might want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future. If you are still experiencing problems while trying to remove a malicious program from your computer, please ask for help in our Mac Malware Removal Help & Support forum.
Run a Malware Scan with Malwarebytes for Android
Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.
Download Malwarebytes for Android.
You can download Malwarebytes for Android by clicking the link below.
In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.
When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
Follow the on-screen prompts to complete the setup process
When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options. This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue. Tap on “Got it” to proceed to the next step. Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue. Tap on “Allow” to permit Malwarebytes to access the files on your phone.
Update database and run a scan with Malwarebytes for Android
You will now be prompted to update the Malwarebytes database and run a full system scan.
Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Remove Selected”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
Restart your phone.
Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.
When the scan is finished, remove all detected threats. Your Android phone should now be free of malicious apps, adware, and unwanted browser redirects.
If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future. If you are still having problems with your phone after completing these instructions, then please follow one of the steps:
Restore your phone to factory settings by going to Settings > General management > Reset > Factory data reset.
After cleaning your device, it’s important to protect it from future infections and annoying pop-ups. We recommend installing an ad blocker such as AdGuard. AdGuard blocks malicious ads, prevents phishing attempts, and stops dangerous redirects, helping you stay safe while browsing online.
What To Do If You Have Fallen Victim to This Scam
If you interacted with the scam, do not panic.
A lot of people freeze after realizing what happened. The right move is to act in a calm, structured order. The faster you respond, the better your chances of limiting damage.
1) If you only received the text and did not call, do this first
If you did not call the number and did not click anything, the risk is much lower.
Take these basic steps:
Do not reply to the text.
Take a screenshot of it.
Delete the message.
Block the number.
Report it as junk/spam in your Messages app if available.
Forward the text to 7726 (SPAM) to help your carrier filter similar texts.
Report the scam to the FTC.
Apple says suspicious SMS texts that appear to be from Apple can be reported by taking a screenshot and emailing it to reportphishing@apple.com. Apple also notes you can use the “Report Junk” option in Messages. The FTC also advises forwarding unwanted texts to 7726 and reporting them to ReportFraud.ftc.gov.
2) If you called the number but did not share information
You still need to treat it seriously, but you may have avoided the worst outcome.
Do this next:
Hang up immediately if the call is still active.
Do not call back.
Block the number.
Watch for follow-up calls from new numbers.
Do not trust caller ID if “Apple” appears.
Verify your Apple account only through official Apple channels.
Apple warns that scammers can spoof legitimate-looking numbers and advises using vetted contact methods instead of responding to suspicious calls.
3) If you gave personal information or Apple account details
This is where you need to move quickly.
If you shared any of the following, respond right away:
Apple account password
Verification code
Email password
Billing address
Card details
Bank details
Date of birth
Security answers
Take these actions immediately:
Change your Apple Account password from a device you trust.
Make sure two-factor authentication is enabled.
Change the password on your email account, especially if it is tied to your Apple account.
Change any other accounts where you reused the same password.
Review recent account activity and trusted devices.
Remove any device you do not recognize.
Check payment methods linked to your Apple account.
Apple specifically advises changing your Apple Account password immediately if you think it was compromised or you entered information on a scam site, and to ensure two-factor authentication is enabled. Apple also states it does not ask for your password or verification codes to provide support.
4) If you installed AnyDesk or another remote access app
This is the highest priority if the scammer connected to your device.
Do this now:
Disconnect from the internet immediately (Wi-Fi and mobile data if needed).
End the remote session.
Uninstall AnyDesk or the remote app they had you install.
Restart your device.
Run a security scan on your computer with trusted security software.
Check for unknown apps, browser extensions, device profiles, or startup items.
If possible, use a second trusted device to change important passwords.
The FTC warns that tech support scammers use remote access to carry out the scam, and AnyDesk warns that scammers can misuse remote access tools to steal data and money.
If you are unsure whether the device is safe after a remote session, consider getting in-person help from a trusted local technician or a known support provider.
5) If you logged into bank or card accounts while they were watching
Assume the scammers may have seen what you typed.
Do not wait for fraud to appear.
Contact your bank or card issuer using the number on the back of your card or the official website, not any number from the text or caller.
Tell them clearly:
You may have been targeted by a tech support scam
You may have exposed account access or card information
You want fraud monitoring and account protection now
Ask about:
Freezing or replacing cards
Disputing unauthorized charges
Temporary account holds
New account numbers if needed
Extra verification on your account
The FTC advises people to check bank and credit card accounts for unauthorized transactions and report them directly to the bank or card company.
6) If you paid with gift cards, act fast anyway
Gift card scams are hard to reverse, but fast action still matters.
Do this immediately:
Find the gift card receipt.
Contact the gift card company right away.
Tell them the payment was part of a scam.
Ask if the balance can be frozen or recovered.
Save all card numbers, receipts, and screenshots for your report.
Apple says never use Apple Gift Cards to pay other people, and the FTC says gift card payment requests for tech support are scams.
Even if recovery is not possible, reporting helps build cases and may help other victims.
7) If you paid by bank transfer, wire, crypto, or payment app
Time is critical here.
Contact the payment provider immediately and report fraud.
Ask whether they can:
Reverse the transaction
Freeze the transfer
Flag the destination account
Escalate the case to fraud investigations
The FTC notes that scammers prefer these payment methods because they are difficult to recover, which is exactly why you should report quickly.
8) Secure your Apple account the right way
Do not use links from the scam text.
Use only official Apple support and account settings.
Apple’s guidance for suspicious messages and phishing response includes:
Change your Apple Account password if compromised
Keep two-factor authentication enabled
Do not share passwords or verification codes
Contact Apple through official support channels, not suspicious messages
It helps investigators identify patterns, numbers, scripts, and fraud infrastructure.
Here is a practical reporting checklist:
Apple
Take a screenshot of the suspicious text
Email it to reportphishing@apple.com (Apple’s reporting address for Apple impersonation messages)
FTC
File a report at ReportFraud.ftc.gov
Include the phone number used and what happened on the call
FBI IC3
Report spoofing/phishing to IC3 at ic3.gov
Especially important if money was stolen, remote access was granted, or identity data was exposed
Apple’s support page specifically lists reporting suspicious Apple texts and scam phone calls. The FBI also directs users to report spoofing and phishing to IC3.
10) Report the text to your carrier and block future attempts
This step helps reduce repeat attacks.
The FTC recommends forwarding scam texts to 7726 (SPAM), which helps wireless providers identify and block similar messages. It also recommends using your messaging app’s junk or spam reporting feature.
Do both if you can.
Then block the number, but remember that scammers may switch numbers or spoof new ones.
11) Watch your accounts for the next several weeks
Some scammers do not steal immediately.
They wait.
Monitor:
Bank accounts
Credit card statements
Apple account email notifications
Login alerts
Payment app activity
Wireless account activity
If anything looks off, report it right away.
Also pay attention to new scam calls claiming to “help you recover” money from the first scam. Recovery scams are common after an initial fraud.
12) If you shared sensitive identity information, consider credit protection steps
If you gave enough personal information for identity theft risk, take extra precautions.
Depending on what you shared, consider:
Fraud alert with credit bureaus
Credit freeze
Monitoring for new accounts or loans
Reviewing your credit reports
This is especially important if you gave a combination of name, address, date of birth, phone number, and financial account details.
13) Save evidence before deleting everything
It is normal to want the message gone immediately.
But evidence helps when reporting and disputing transactions.
Save:
Screenshot of the scam text
Phone number used
Call logs
Voicemails
Screenshots of remote access apps they asked you to install
Receipts for gift cards or transfers
Names the scammers used
Any fake case numbers they gave you
This documentation can help Apple, your bank, the FTC, and the FBI understand what happened.
14) Use a simple rule for future Apple alerts
If you remember only one rule, make it this:
Never use the phone number in a security text.
Instead:
Open your Apple account or device settings yourself
Check your purchase history directly
Contact Apple through official support channels you navigate to on your own
This matches the core advice from Apple, the FTC, and the FBI:
Assume suspicious messages may be scams
Do not trust the contact info inside the message
Use known official channels instead
15) If you are helping a family member, slow the process down
These scams hit hardest when someone is rushed and alone.
If a parent, spouse, or friend receives this kind of Apple Security Alert text, help them follow a calm checklist:
Do not call the number
Screenshot the text
Check the account directly
Report and delete
Review what was shared
Secure passwords if needed
The FTC makes a useful point that talking to someone you trust can help you realize it is a scam before you act. That advice is simple, but it works.
The Bottom Line
The “Apple Security Alert” text you shared is a scam designed to trigger panic and push you into calling a fake support number.
From there, scammers may pretend your device is hacked, ask for remote access through tools like AnyDesk, send you to fake websites, steal account and banking information, and pressure you to pay with gift cards or other hard-to-reverse methods. Apple, the FTC, the FBI, and AnyDesk all describe pieces of this same pattern and the same core defense: do not trust unsolicited alerts, do not use the contact details in the message, and do not give unknown people access to your device or your codes.
If you already interacted with the scam, act quickly and methodically.
Secure your Apple account, secure your email and banking accounts, remove remote access tools, report the incident, and monitor for follow-up fraud attempts.
FAQ
Is the “Apple Security Alert” text message real?
No. The message you shared matches a common scam pattern.
It uses fear, urgency, and a fake support phone number to push you into calling scammers. Real companies do not want you to rely on a phone number inside a suspicious text.
What is the main goal of this Apple Security Alert scam?
The main goal is to get you on the phone.
Once you call, the scammers try to impersonate Apple support, scare you with fake security claims, and pressure you into sharing account details, giving remote access to your device, or sending money.
What should I do if I get this text?
Do not call the number in the message.
Take a screenshot, block the number, report it as spam/junk, and then check your Apple account or purchase history directly using official Apple channels that you open yourself.
What if the text mentions a real-looking charge like $143.95?
That is part of the scam.
Scammers often use specific amounts because it makes the message feel more believable. A precise charge amount does not make the text legitimate.
How can I check if there was a real Apple charge?
Check through official sources only.
Use your Apple account purchase history, your Apple Pay transaction history, and your bank or card statement. Do not use links or phone numbers from the text.
What happens if I call the number?
You may reach a fake support center.
The person may sound professional and claim your Apple ID, iPhone, or computer is hacked. From there, they may ask you to install remote access software, share codes, or make payments.
Why do scammers ask me to install AnyDesk or similar apps?
They want remote access to your device.
If you install a remote access app and give them the connection code, they may be able to see your screen, control your device, and steal passwords, banking information, or other private data.
If I installed AnyDesk, what should I do right away?
Act quickly.
Disconnect from the internet, end the remote session, uninstall the app, restart your device, and change important passwords from a trusted device. Then contact your bank if you logged into any financial accounts during the call.
Can scammers really steal money during these calls?
Yes.
They often use fake refund or fake security stories to get access to banking details, trick victims into sending payments, or pressure them into buying gift cards and sharing the codes.
Why do they ask for gift cards?
Because gift cards are hard to trace and hard to recover.
If anyone claiming to be Apple support asks for gift cards, it is a scam. That is a major red flag.
What if I gave them my Apple ID password or a verification code?
Change your Apple account password immediately.
Then review your account security settings, check for unknown devices, confirm your recovery information, and change the password on your email account too, especially if it is linked to your Apple account.
What if I only called but did not give any information?
That is better, but you should still be cautious.
Block the number, watch for follow-up calls from different numbers, and ignore any callbacks claiming to be Apple, billing, or fraud departments.
Can scammers spoof Apple or make the caller ID look real?
Yes.
Scammers can spoof caller ID so a call may appear to come from a legitimate name or number. Caller ID alone is not proof that the call is real.
Does Apple send security alerts by text?
Apple may send legitimate notifications in some situations, but scammers copy that style all the time.
The safest rule is simple: never trust the contact details in an unexpected text. If you want to verify something, contact Apple through the official support page or your device settings.
How do I report this scam text?
You can report it in several ways:
Report it as junk/spam in your Messages app
Forward the text to 7726 (SPAM) for your carrier
Report it to the FTC
Send a screenshot of Apple impersonation texts to Apple’s phishing reporting address
How can I avoid this scam in the future?
Use this rule every time:
Never call the number in a security text.
Always verify directly through the official app, website, or support page that you open on your own. That one habit prevents most scams like this.
10 Rules to Avoid Online Scams
Here are 10 practical safety rules to help you avoid malware, online shopping scams, crypto scams, and other online fraud. Each tip includes a quick “if you already got hit” action.
Stop and verify before you click, log in, download, or pay.
Most scams win by creating urgency. Verify using a trusted method: type the website address yourself, use the official app, or call a known number (not the one in the message).
If you already clicked: close the page, do not enter passwords, and run a malware scan.
Keep your operating system, browser, and apps updated.
Updates patch security holes used by malware and malicious ads. Turn on automatic updates where possible.
If you saw a scary “update now” pop-up: close it and update only through your device settings or the official app store.
Use layered protection: antivirus plus an ad blocker.
Antivirus helps block malware. An ad blocker reduces scam redirects, phishing pages, and malvertising.
If your browser is acting weird: remove unknown extensions, reset the browser, then run a full scan.
Install apps, software, and extensions only from official sources.
Avoid cracked software, “keygens,” and random downloads. During installs, choose Custom/Advanced and decline bundled offers you do not recognize.
If you already installed something suspicious: uninstall it, restart, and scan again.
Treat links and attachments as untrusted by default.
Phishing often impersonates delivery services, banks, and popular brands. If it is unexpected, do not open attachments or log in through the message.
If you entered credentials: change the password immediately and enable 2FA.
Shop safely: research the store, then pay with protection.
Be cautious with brand-new stores, “closing sale” stories, and prices that make no sense. Prefer credit cards or PayPal for dispute options. Avoid wire transfers, gift cards, and crypto payments.
If you already paid: contact your card issuer or PayPal quickly to dispute the transaction.
Crypto rule: never pay a “fee” to withdraw or recover money.
Common patterns include fake profits, then “tax,” “gas,” or “verification” fees. Another is a “recovery agent” who demands upfront crypto.
If you already sent crypto: stop paying, save evidence (wallet addresses, TXIDs, chats), and report the scam to the platform used.
Secure your accounts with unique passwords and 2FA (start with email).
Use a password manager and unique passwords for every account. Enable 2FA using an authenticator app when possible.
If you suspect an account takeover: change passwords, sign out of all devices, and review recent logins and recovery settings.
Back up important files and keep one backup offline.
Backups protect you from ransomware and device failure. Keep at least one backup on an external drive that is not always connected.
If you suspect infection: do not connect backup drives until the system is clean.
If you think you are a victim: stop losses, document evidence, and escalate fast.
Move quickly. Speed matters for disputes, account recovery, and limiting damage.
Stop payments and contact: do not send more money or respond to the scammer.
Call your bank or card issuer: block transactions, replace the card if needed, and start a dispute or chargeback.
Secure your email first: change the email password, enable 2FA, and remove unfamiliar recovery options.
Secure other accounts: change passwords, enable 2FA, and log out of all sessions.
Scan your device: remove suspicious apps or extensions, then run a full malware scan.
Save evidence: screenshots, emails, order pages, tracking pages, wallet addresses, TXIDs, and chat logs.
Report it: to the payment provider, marketplace, social platform, exchange, or wallet service involved.
These rules are intentionally simple. Most online losses happen when decisions are rushed. Slow down, verify independently, and use payment methods and account controls that give you recourse.
Thomas is an expert at uncovering scams and providing in-depth reporting on cyber threats and online fraud. As an editor, he is dedicated to keeping readers informed on the latest developments in cybersecurity and tech.
