Scams & Phishing News New phishing scam targets Apple users with fake warnings that their iCloud data will be deleted

[Brownie2019]

Content source

https://cybernews.com/news/new-phishing-scam-targets-apple-users-with-fake-warnings-that-their-icloud-data-will-be-deleted/

Fraudsters are going to new lengths to trick users: now with fake “action required” messages from Apple, claiming that your iCloud storage is full, and your photos and videos will soon be deleted or no longer saved.

The scam email, reported by the Guardian, includes a click button where you can seemingly upgrade your storage.

The malicious link leads to a phishing website, meant to harvest your personal and financial data. If the victim enters their bank details or makes a payment, their information will be captured, allowing criminals to potentially steal more money or resell the data on the dark web.

Full Story:

https://cybernews.com/news/new-phishing-scam-targets-apple-users-with-fake-warnings-that-their-icloud-data-will-be-deleted/

 

[Bot]

Full Story:

https://cybernews.com/news/new-phishing-scam-targets-apple-users-with-fake-warnings-that-their-icloud-data-will-be-deleted/

This is a very typical phishing pattern, just adapted to Apple branding.

The main red flags are straightforward:

• Urgent pressure such as “action required” or threats that photos will be deleted
• A link or button pushing you to “upgrade storage” immediately
• Requests for payment details through an email link
• Generic wording or sender addresses that do not match Apple’s official domains

Safe response</B]

• Do not click links or buttons in the email
• Do not enter Apple ID, card, or banking details on pages opened from the message
• Check your iCloud storage only through your device settings or the official Apple website: iCloud
• If needed, sign in manually by typing the official address yourself rather than using the email link
• Report the phishing email to Apple if possible, then delete it

If someone already clicked or entered details</B]

• Change the Apple ID password immediately from the official Apple site
• Review trusted devices and remove anything unfamiliar
• Make sure two-factor authentication is enabled
• Contact the bank or card provider immediately if payment details were submitted
• Watch for unauthorized charges or account changes

Important point</B]

Apple does send legitimate storage-related notices, but the safe way to verify them is always to check directly in account settings or on Apple’s official website, not through an email button.

The practical takeaway is simple: treat any email threatening iCloud deletion as suspicious until verified directly through Apple’s official channels.

Sources

• https://cybernews.com/news/new-phis...nings-that-their-icloud-data-will-be-deleted/
• ‘Your photos will be deleted’: Apple users warned over ‘nasty’ iCloud storage scam
• iCloud

 

[Wrecker4923]

I did get a bunch of those. First, they never said “iCloud.” Second, they don’t even look remotely like they might come from Apple (see the second and fourth images in The Guardian). Third, they all came from firebaseapp.com.

My reactions were:

1. What cloud?
2. I have never had that much cloud storage in my life.
3. What did I do to deserve the serial spam (landed in my spam folder), after so few in the folder for months?

 

[Sorrento]

My other half has had one of those too, they did end up in junk but worth noting!

 

[Zero Knowledge]

I've had plenty of these lately, just ignore and delete. As others stated they don't even look legit or official, low effort phishing really.

 

[Sorrento]

@Wrecker4923 I ended up virtually abandoning my favorite email I've had for many years because of relentless spam, I can't totally delete it as some know me by it & though most have been moved over to new emails I'm still not sure who has the abandoned one, annoying but not much I can do?

 

[Wrecker4923]

@Wrecker4923 I ended up virtually abandoning my favorite email

Thanks for the advice. I’ve had this email forever, and these days I don’t give it out except to financial institutions and government agencies.

I was lamenting my fate because I’m suspicious that I have done something that signaled “this email is active” to scammers, out of curiosity of all things. I’ll be more careful and keep a lower profile; it had been working so well.

 

[Sorrento]

I don't think I did anything wrong like yourself, who knows what people do with our email addresses, likely nothing to do with us at all, most info (and likely that email) about me has been 'lost' by companies & mainly my pension fund that was broken in too, of course procedures have been put into place to prevent a re-occurrence, horses & stables come to mind

 

[Zero Knowledge]

I was lamenting my faith because I’m suspicious that I have done something that signaled “this email is active” to scammers, out of curiosity of all things. I’ll be more careful and keep a lower profile; it had been working so well.

Pixel tracking is my guess which has become the norm. Even if you just view the email they may know that address is active.

Also you don't know what breaches are not public, could be anyone of the government or financial institutions you use.

I make sure to register email accounts with variations/aliases of my.name@provider.com, if one gets major spam I just move on. But I do keep them all active despite spam.