Scammers Abuse Apple Account Alerts to Steal User Credentials


216/69 Tuesday, April 21, 2026

A new phishing campaign has been identified targeting Apple users by exploiting legitimate account notification systems. Attackers misuse Apple’s real alert mechanisms to send genuine-looking emails, then insert additional malicious content to trick victims into believing their accounts have been compromised or altered without authorization. The attack is highly convincing because the emails are actually delivered through Apple’s official systems.

The attack typically begins when victims receive a legitimate Apple security notification email. However, the message has been manipulated to include attacker-controlled instructions, such as calling a fake support number or completing a verification process. When victims follow these instructions, attackers attempt to extract sensitive information, including Apple ID credentials and two-factor authentication (2FA) codes, which can then be used to take over accounts and access personal data.

Security experts advise users to remain cautious even when emails appear to come from legitimate Apple systems. Users should avoid calling phone numbers or following instructions provided in such emails. Instead, they should verify any account issues by logging in directly through the official Apple website (appleid.apple.com) or via the Settings menu on their devices. If suspicious activity is detected, users should immediately change their passwords and review their 2FA settings to ensure their accounts remain secure.
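For mail administrators, the same caution can be applied at the gateway: a message that authenticates as Apple's is still held for review when its body carries a callback lure. The following is an added example, not code from the original report or from Apple; the `APPLE_DKIM_DOMAINS` value, both regular expressions, the reliance on a gateway-stamped `Authentication-Results` header and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.policy import default

# Assumption: DKIM signing domains your gateway treats as Apple's.
APPLE_DKIM_DOMAINS = ("apple.com",)
# Heuristics (constructed for this example): phone-like strings and callback wording.
PHONE_RE = re.compile(r"(?<![\w.])\+?\(?\d[\d\s().-]{8,18}\d(?!\w)")
LURE_RE = re.compile(
    r"\b(call|contact|dial)\b.{0,60}\b(support|helpdesk|us|immediately|now)\b",
    re.I | re.S)

# Constructed sample message, not a captured one.
SAMPLE = """\
Authentication-Results: mx.example.net; dkim=pass header.d=id.apple.com; spf=pass
Subject: Your Apple Account information has been updated

Your account details were changed. If this was not you, call Apple
Support at +1 (800) 555-0100 immediately to cancel the change.
"""

def dkim_pass_domains(msg):
    """Domains with dkim=pass. Assumes Authentication-Results was stamped by
    your own receiving gateway and inbound copies of the header were stripped."""
    found = set()
    for value in msg.get_all("Authentication-Results", []):
        for m in re.finditer(r"dkim=pass\b[^;]*?header\.d=([\w.-]+)", str(value), re.I):
            found.add(m.group(1).lower().rstrip("."))
    return found

def classify(raw):
    """Return 'unauthenticated', 'pass', or 'review' for one raw message."""
    msg = message_from_string(raw, policy=default)
    from_apple = any(d == a or d.endswith("." + a)
                     for d in dkim_pass_domains(msg) for a in APPLE_DKIM_DOMAINS)
    if not from_apple:
        return "unauthenticated"
    part = msg.get_body(preferencelist=("plain", "html"))
    text = part.get_content() if part else ""
    # Keep only matches with a plausible phone-number digit count.
    phones = [p for p in PHONE_RE.findall(text)
              if 10 <= len(re.sub(r"\D", "", p)) <= 15]
    # Authentication alone is not a verdict: a callback lure still needs review.
    return "review" if phones and LURE_RE.search(text) else "pass"

if __name__ == "__main__":
    print(classify(SAMPLE))
```

Both patterns are heuristics and will need tuning against your own mail flow before they drive quarantine decisions.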

Source: https://www.bleepingcomputer.com/news/security/apple-account-change-alerts-abused-to-send-phishing-emails/