If you see a message while browsing the web that your iPhone, Mac, or other Apple device has a virus, or someone claiming to be from Apple calls and asks for your account name and password, you’re likely the target of a scam.
Scammers use any means they can—fake emails, pop-up ads, text messages, even phone calls—to try to trick you into sharing personal information, such as your Apple ID password or credit card information. Use this information to protect your account and avoid scams.
Protect your Apple ID
Never share your Apple ID password or temporary verification codes with anyone. Apple will never ask you for this information to provide support.
If you believe that your Apple ID has been compromised, change your password immediately.
Avoid scams when using Apple Pay to send and receive money
If you see pop-up alerts or ads
When you browse the web, you might see a pop-up ad or a page warning you about a problem with your device. It might even look like the alert is coming from macOS or iOS. It isn’t. These alerts are pop-ups, designed to trick you into calling a phony support number or buying an app that claims to fix the issue. Don’t call the number. Simply navigate away from that page, or close the window or tab, and continue browsing.
If you get a suspicious phone call or voicemail
Scammers spoof phone numbers and use flattery and threats to pressure you into giving them information, money, and even iTunes gift cards. Always verify the caller's identity before you provide any personal information. If you get an unsolicited call from someone claiming to be from Apple, hang up and contact us directly.
If you receive a phishing email or text message
Scammers try to copy email and text messages from legitimate companies to trick you into entering personal information and passwords. Never follow links or open attachments in suspicious or unsolicited messages. If you need to change or update personal information, contact the company directly.
These signs can help you identify phishing scams:
- The sender’s email address or phone number doesn’t match the name of the company that it claims to be from.
- Your email address or phone number is different from the one that you gave that company.
- The message starts with a generic greeting, like “Dear customer.” Most legitimate companies will include your name in their messages to you.
- A link appears to be legitimate but takes you to a website whose URL doesn’t match the address of the company’s website.*
- The message looks significantly different from other messages that you’ve received from the company.
- The message requests personal information, like a credit card number or account password.
- The message is unsolicited and contains an attachment.
Report phishing attempts and other suspicious messages to Apple
To report a suspicious email, forward the message to Apple with complete header information. To forward the email: In macOS Mail, select the email and choose Forward As Attachment from the Message menu at the top of your computer screen.
These email addresses are monitored by Apple, but you might not receive a reply to your report.
- If you receive what you believe to be a phishing email that's designed to look like it’s from Apple, please send it to firstname.lastname@example.org.
- To report spam or other suspicious emails that you receive in your iCloud.com, me.com, or mac.com Inbox, please send them to email@example.com.
- To report spam or other suspicious messages that you receive through iMessage, tap Report Junk under the message.
*To confirm the destination of a link on your Mac, hover your pointer over the link to see the URL in the status bar. If you can't see the status bar in Safari, choose View>Show Status Bar. On your iOS device, touch and hold the link.