Apple this month updated its security support document that offers Apple device users tips on how to recognize and avoid scams, and how to recognize suspicious emails, phone calls, or other messages.
Social engineering is a type of targeted attack that relies on impersonation, deception, and manipulation to gain access to your personal data. In this attack, scammers will pretend to be representatives of a trusted company or entity over the phone or through other communication methods. They will often use sophisticated tactics to persuade you to hand over personal details such as sign-in credentials, security codes, and financial information.
Protecting Your Apple Account
Apple offers 8 tips to make your Apple ID as secure as possible:
- Never share personal data or security information like passwords or security codes, and never agree to enter them into a webpage that someone directs you to.
- Protect your Apple ID. Use two-factor authentication, always keep your contact information secure and up to date, and never share your Apple ID password or verification codes with anyone. Apple never asks for this information to provide support.
- Never use Apple Gift Cards to make payments to other people.
- Learn how to identify legitimate Apple emails about your App Store or iTunes Store purchases. If you send or receive money with Apple Cash (U.S. only), treat it like any other private transaction.
- Learn how to keep your Apple devices and data secure.
- Download software only from sources you can trust.
- Don’t follow links or open or save attachments in suspicious or unsolicited messages.
- Don’t answer suspicious phone calls or messages claiming to be from Apple. Instead, contact Apple directly through our official support channels.
How to Report Suspicious Emails, Messages, and Calls
- If you receive a suspicious email that looks like it’s supposed to be from Apple, please forward it to reportphishing@apple.com.1
- If you receive a suspicious FaceTime call (for example, from what looks like a bank or financial institution), email a screenshot of the call information to reportfacetimefraud@apple.com. To find the call information, open FaceTime and tap the next to the suspicious call.
- If you receive a suspicious link to a FaceTime call in Messages or Mail, email a screenshot of the link to reportfacetimefraud@apple.com. The screenshot should include the phone number or email address that sent the link.
- To report a suspicious SMS text message that looks like it’s supposed to be from Apple, take a screenshot of the message and email the screenshot to reportphishing@apple.com.
- To report spam that you receive in your iCloud.com, me.com, or mac.com Inbox, mark the spam emails as Junk or move them to your iCloud Junk folder. When you mark an email as junk, you help improve iCloud Mail filtering and reduce future spam.
- To report harassment, impersonation, or other types of abuse that you receive in your iCloud.com, me.com, or mac.com Inbox, send them to abuse@icloud.com.
- To report spam or other suspicious messages that you receive through Messages, tap Report Junk under the message. You can also block unwanted messages and calls.
- Report scam phone calls to the Federal Trade Commission (U.S. only) at reportfraud.ftc.gov or to your local law enforcement agency.
Apple includes quite a bit more information about how to avoid becoming a victim of scams. Read the support document here.