Beware: Don’t Fall For This iPhone Text Message Which Asks For Apple ID And Password

A new iPhone text messaging scam has been identified doing the rounds as part of an effort to trick unsuspecting users into parting with sensitive account information. Rather than using the native alert view system to trick the user into interacting with the pop-up and then running a malicious code, this new scam is making its way onto users’ iPhones through simple texts in the hope of conning people into trusting the contents of the message.

Most users with a relatively decent familiarity with tech, and the associated scams that go hand-in-hand with modern technology, will be able to spot this as a phishing scam a mile off. However, it seems that the message itself is enough official-looking to convince some people to follow the embedded URL and provide their own Apple ID and linked password in the hope of preventing their account from being terminated by Apple.

iphone-text-scam-main

Of course, that is never actually going to happen, but the very thought of it seems enough to drive some trust into such messages, especially when they are sent to new iOS users, staring down the barrel of an expiring Apple ID.

Here’s what this malicious text message in question looks like:

[Name] your Apple ID is due to expire today. To prevent termination confirm your details at appleidlogin.co.uk – Apple Support.

Interestingly, the type of scam being explored by this phishing method isn’t just limited to grabbing Apple ID details, it is also looking to get a hold of a user’s bank and credit card details.

(Image credit: @davidvitty)

One of the key components of the text message that instantly breeds trust amongst those who receive it, is the fact that it is actually personalized with the receiver’s full name. That in itself suggests that the perpetrators behind the scam have actually purchased or received a database of names and numbers from a currently unknown source. The message continues to warn the receiver that his/her Apple account could be terminated if the URL isn’t followed and the account details aren’t confirmed. Of course, Apple warns against this type of attack on its support websites, and would never actually request account details in such a manner.

This isn’t the first time that scams of this nature have attacked iOS users, and it’s very naive to believe that it will be the last. Attackers are continually looking for new and increasingly sophisticated methods of tricking device owners into parting with sensitive account or financial information. This is the latest method, and is most definitely one that should be avoided at all costs.

You may also like to check out:

You can follow us on Twitter, add us to your circle on Google+ or like our Facebook page to keep yourself updated on all the latest from Microsoft, Google, Apple and the Web.