Warning: Beware of ‘Apple ID expiration’ phishing scam

“Apple users are receiving phishing messages designed to trick them into handing over their Apple ID passwords and other pieces of personal information,” Doug Bolton reports for The Independent.

“People hit by the scam usually receive an unsolicited message which claims to come from Apple, urging them to immediately change their Apple ID password before it expires,” Bolton reports. “Victims are then directed to an unoffical but legitimate-looking website like AppleIDLogin.co.uk, where they are asked to input their username and password.”

“Of course, the site isn’t genuine – it’s all part of an elaborate phishing attack, designed to get users to hand over information which could be used by cybercriminals,” Bolton reports. “As usual, the best defence against phishing attacks is to stay vigilant and ignore or delete any messages that look even slightly suspicious. If you’re still in doubt, contact the actual company directly, and they’ll be able to verify whether there’s any real problems or not.”

Read more in the full article here.

MacDailyNews Take: Let’s be careful out there. Even savvy users can get scammed by acting too hastily.

Read Apple’s “Identifying fraudulent ‘phishing’ email” info here.

If you receive a suspicious email, select the message text so that it is highlighted. Choose Forward as Attachment from the Message menu (OS X Mail) or the Actions menu (Outlook). Send the email to abuse@icloud.com. This provides Apple’s legal department and law enforcement with useful information to help prevent future phishing emails.


  1. Yea, I’ve received that email.

    If you know someone who is prone to clicking on those phishing scams, have them watch this TED talk video. Very fully.

  2. This warning is a bit delayed. I’ve been seeing this scam since the beginning of the year. It’s very easy to spot. Just hover your cursor over one of the fraudulent URLS foisted in the phishing scam and note that it is NOT a URL for Apple.

    I report all phishing scams to both SpamCop.net and the companies being forged…. Well, except Twitter, who are too lazy to give a rat’s about phishing scams in their name.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.