Protect your Apple ID
Never share your Apple ID password or temporary verification codes with anyone. Apple will never ask you for this information to provide support.
Use two-factor authentication to protect your Apple ID. Learn more about security and your Apple ID.
If you believe that your Apple ID has been compromised, change your password immediately.
Avoid scams when using Apple Pay to send and receive money
When you send or receive money with Apple Pay (US only), it’s just like any other private transaction between two people. Follow these simple tips to avoid scams.
If you see pop-up alerts or ads
When you browse the web, you might see a pop-up ad or a page warning you about a problem with your device. It might even look like the alert is coming from macOS or iOS. It isn’t. These alerts are pop-ups, designed to trick you into calling a phony support number or buying an app that claims to fix the issue. Don’t call the number. Simply navigate away from that page, or close the window or tab, and continue browsing.
If you get a suspicious phone call or voicemail
Scammers spoof phone numbers and use flattery and threats to pressure you into giving them information, money, and even iTunes gift cards. Always verify the caller's identity before you provide any personal information. If you get an unsolicited call from someone claiming to be from Apple, hang up and contact us directly.
If you receive a phishing email or text message
Scammers try to copy email and text messages from legitimate companies to trick you into entering personal information and passwords. Never follow links or open attachments in suspicious or unsolicited messages. If you need to change or update personal information, contact the company directly.
These signs can help you identify phishing scams:
The sender’s email address or phone number doesn’t match the name of the company that it claims to be from.
Your email address or phone number is different from the one that you gave that company.
The message starts with a generic greeting, like “Dear customer.” Most legitimate companies will include your name in their messages to you.
A link appears to be legitimate but takes you to a website whose URL doesn’t match the address of the company’s website.*
The message looks significantly different from other messages that you’ve received from the company.
The message requests personal information, like a credit card number or account password.
The message is unsolicited and contains an attachment.
Report phishing attempts and other suspicious messages to Apple
To report a suspicious email, forward the message to Apple with complete header information. To forward the email: In macOS Mail, select the email and choose Forward As Attachment from the Message menu at the top of your computer screen.
These email addresses are monitored by Apple, but you might not receive a reply to your report.
If you receive what you believe to be a phishing email that's designed to look like it’s from Apple, please send it to email@example.com.
To report spam or other suspicious emails that you receive in your iCloud.com, me.com, or mac.com Inbox, please send them to firstname.lastname@example.org.
To report spam or other suspicious messages that you receive through iMessage, tap Report Junk under the message.
*To confirm the destination of a link on your Mac, hover your pointer over the link to see the URL in the status bar. If you can't see the status bar in Safari, choose View>Show Status Bar. On your iOS device, touch and hold the link.