As the clocks go back, UK Apple users targeted by smishing campaign

The clocks went back one hour at 2am here in the UK, as we vaguely recalled the four day summer we had experienced earlier in the year and properly settled in for winter.

And as most of us slept, the phishing gangs were up to their old tricks – spamming out SMS messages purporting to be warnings from Apple that our Apple IDs were due to expire today, and that we should act quickly.

Your AppleID is die to expire Today, Please tap [url] to update and prevent loss of services and icloud accounts.

Sign up to our free newsletter.
Security news, advice, and tips.

Apple

Be careful not to click on the link, however, as you will be taken to a fake Apple ID login page…

..which prompts you to enter your Apple ID and password, before trying to trick you into sharing your credit card details and your mother’s maiden name or even your passport number…

Phishing via SMS messages (known as smishing) isn’t a new phenomenon, and Apple users have been targeted in similar ways in the past by convincing-looking replicas of the real Apple ID login page.

Stay safe folks, always be wary of the links that you click on – and, if you haven’t already done so, enable two-step verification on your Apple ID account.

Hat-tip: Thanks to Simon Rae-Scott for bringing this latest phishing campaign to my attention.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.