A new fraudulent scheme targeting Apple users has resurfaced, preying on concerns about low iCloud storage. Apple’s cloud storage service is crucial for many iPhone owners, serving as a digital backup to safeguard photos, documents, and other valuable files from accidental loss.
While iCloud simplifies device transitions for users of iPhone, iPad, and Mac by consolidating data in one place, its primary drawback is limited storage unless users opt for additional space by paying a monthly fee. Scammers are exploiting these restrictions by instilling fear of account blockage due to full storage, prompting individuals to disclose personal and financial information.
According to cybersecurity specialists at Malwarebytes, there has been a surge in deceptive emails alleging that users have exceeded their iCloud storage limit. These fraudulent messages, masquerading as Apple notifications, claim that files are no longer being backed up and urge recipients to upgrade their storage plan via a link to a counterfeit website designed to steal sensitive data.
Malwarebytes cautioned that scammers are leveraging the emotional appeal of potentially losing photos to deceive users into divulging personal and financial details. The fraudulent emails vary in content but essentially request a small payment to prevent iCloud files from being deleted, leading to fake websites soliciting personal and payment information.
In response to these scams, users are advised to exercise caution and remember that Apple does not send unsolicited emails regarding iCloud storage issues. Legitimate alerts about nearing storage capacity are displayed within device settings or as official system notifications, not through unsolicited text or email communications with external links. To verify storage status, users should access their iCloud usage directly through device settings.
Additionally, five guidelines have been provided to enhance iCloud security:
1. Access your account only through Apple’s official website or device settings.
2. Never share your password with anyone.
3. Refrain from clicking on links in unexpected emails or messages without verification.
4. Utilize up-to-date anti-malware software with web protection features enabled.
5. Avoid engaging with suspicious websites or payment requests to mitigate risks of falling victim to fraudulent schemes.