Apple Intelligence is now available on iPhone, iPad, and Mac!

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

AppleID Compromised

I got a notification around 3:00am that someone had logged into iMessage with my AppleID around 12:00am and that I needed to change my password. I am wondering how it could have happened. The only things I did around the time of the access were:


1) Use someone’s screencast device that required me to connect to its wifi to connect it to the internet

2) Use someone’s personal hotspot


Are any of these methods able to allow that individual to gain access to my device’s AppleID?


I didn’t see their device when I logged into my iCloud under “devices” and I also did not get any Two-Factor Authentication message on my phone so I don’t know how they could have signed in in the first place.


Anyone can explain what might have happened?

Posted on Aug 23, 2022 5:29 AM

Reply
9 replies

Aug 23, 2022 6:36 AM in response to IdrisSeabright

Thanks for those quick replies.


I already went to the correct support page and followed the steps.


The notification was an email to my specified notification email in my apple account from the “noreply” apple email:


Rereading the message I am not sure , maybe it is spam. Is this how official emails from Apple looks? Either way there isn’t a link present in the email so I am not sure

Aug 23, 2022 5:46 AM in response to aevan87

aevan87 wrote:

I got a notification around 3:00am that someone had logged into iMessage with my AppleID around 12:00am and that I needed to change my password. I am wondering how it could have happened. The only things I did around the time of the access were:

Was this message a text or email? If so, it's quite possible that it wasn't from Apple at all. It sounds like it could have been a scam, especially if you didn't get the 2FA notification and you don't see anything in Find My. I hope you didn't click on any links in the message to change your Apple ID. If so, immediately follow the directions Smilin-Brian gave.

Aug 23, 2022 7:13 AM in response to Smilin-Brian

Thanks Brian. Further to this, I just realized, the information in the line above the first line in the photo provided displays:


”Your AppleID ***** was used to sign into iMessage”


The ***** is not my AppleID for my devices but it IS my email address. How does that happen? I will have to call Apple Support maybe to remove my email from that account or recover that account. I don’t think I have any sensitive data on that account though so I feel a bit relieved.


Hopefully apple support can offer more clarity.

Aug 23, 2022 8:24 AM in response to aevan87

Apple will always address you by your name or the name they have on file for you, not Dear Customer, Dear Client or by using your e-mail address.  The e-mail will be from @apple.com or @iTunes.com. E-mail addresses can be spoofed. You can go to Mail/View/Message/Show all Headers to see more. Apple emails won't have poor grammar/misspellings. Apple e-mails will never contain an attachment. Apple will never request personal information by email such as Social Security numbers, your Mother’s maiden name or full credit card numbers . 


The only exception to the above I have noticed is if you order something from the Apple Store (apple.com), your receipt will be addressed to Dear Apple Customer. That is a receipt for a purchase you initiated.

AppleID Compromised

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.