A phishing campaign targeting Apple account holders is circulating through phone calls, text messages, emails, and browser pop-ups, using urgent security language to pressure users into handing over passwords and financial details.
The campaign, widely referred to as the “Apple High Alert” scam, does not exploit any flaw in Apple’s software or servers.
Attackers are relying entirely on psychological pressure, crafting messages that claim your iPhone or Apple account has been compromised due to detected suspicious activity. The goal is to create enough panic that you act before you think.
What the Messages Actually Look Like
According to ConsumerAffairs, common phrases appearing in these messages include “Security Breach Detected,” “Your iPhone Has Been Compromised,” and “High Alert.”
The wording is designed to feel official and time-sensitive. Some versions arrive as browser pop-ups that freeze the screen and display a phone number to call. Others land as SMS messages or emails styled to resemble Apple’s actual communications.
Anyone with an Apple ID is a potential target, not just iCloud subscribers. That puts hundreds of millions of iPhone, iPad, and Mac users in the potential pool of people who could receive one of these messages.
What Scammers Are After
Once a target engages, the attacker typically attempts to collect Apple account credentials, credit card numbers, or both.
In some cases, victims are walked through steps that give the scammer remote access to their device. From there, an attacker can lock the device, drain linked payment accounts, or harvest stored passwords.
Also: I almost fell for “your Apple ID has been locked” scam (Here’s what I wish I had known)
How to Identify and Avoid It
Apple does not call users unsolicited about account security issues. If a browser pop-up or message urges you to call a phone number immediately, that is a reliable indicator of a scam.
Legitimate Apple security alerts direct users to appleid.apple.com via Safari, not to a phone number embedded in a pop-up or text message.
If you receive a message like this, do not call the number, do not click any links, and do not provide any information.
On iPhone, you can report suspicious text messages by tapping “Report Junk” directly in the Messages app. Suspicious emails can be forwarded to reportphishing@apple.com.
If you believe your Apple ID has actually been accessed without your permission, go directly to appleid.apple.com and change your password there.
