The email message below which claims that significant changes in the recipients' Apple ID have been noticed, is just one of the many attempts by cyber criminals to steal their potential victims’ Apple account credentials. The fake email has links in it that go to a phishing Apple website which steals account usernames and password. The phishing website steals account credentials by asking visitors to sign-in with their Apple account usernames and passwords. Now, any attempt to sign into the fake or phishing website will result in the visitors’ Apple account credentials being sent to the cybercriminals responsible for the scam. Once the cyber crooks have gotten possession of the stolen account credentials, they will use it to hijack their victims’ Apple accounts and use the same accounts fraudulently.
Sample of the "We've Noticed Significant Changes in Your ID Activity" Scam
From: Apple Support <email@example.com>
Date: May 14, 2017 at 1:43:21 PM EDT
Subject: We've noticed significant changes in your ID activity
We've noticed significant changes in your ID activity. For your protection, your account
has been disabled.
Your Access ID has been locked for the following reasons.
Someone has been adding or make a changes in the email address for an Apple ID account access.
If you did not make this changes and believe an unauthorised user has accessed your account.
To read your secure message we suggest by opening the following attachment in PDF files named AppleID_Verify.pdf(148K)
You will be prompted to open (View) the file or save (Download) it to your current device.
For best result, save the file and then open it on a PDF File Viewer or Web Browser.
And you will be directed to our new server
Your account will be disabled untill we hear from you!
Apple users should never click on a link in an email message to sign into their accounts. They should instead, go directly to https://appleid.apple.com/ and sign-in from there. If there is something wrong with their accounts, they will be alerted after signing in. Users who were tricked by the phishing scam, are asked to change their Apple account passwords immediately before their accounts are hijacked and used fraudulently. For those users who are unable to change their passwords, are asked to contact Apple Technical Support for help.