"Keep your Apple Account safe and secure" Email

Hi, cybersecurity proffessional here. I too recieved this email. All the links contained in the email are legitimate Apple domains.

The email address appleaccount@insideapple.apple.com is also a legitimate Apple email address.

[Edited by Moderator]

Probably the most unwise and amateurish but apparently legitimate mail they ever sent out. So unusual for legit Apple messages to be swallowed up by so many junk filters, but these were. That kinda shows how unwise this mail was.

I reported it as suspected phishing.

It’s apples email address. Not a fake account.

I’ve been highly confused over the last several days. Thank you for this question, GoodQAvgA. I came here also hoping to verify if appleaccount@insideapple.apple.com is a legitimate address. I’m not sure if I’ve come any closer to answering this question. I hope to find out what’s going on. Search results have been hard to sort through.

I received the email on an email that’s not even linked with Apple. I had to search it up because how is it verified?

Call Apple and ask them.

Refer to this page for Apple Support features ➔ Contact - Official Apple Support

Select from the presented options until you find a solution for your issue, or see if there is a chat or phone call contact method offered lower on the page (you sometimes have to narrow down the options multiple times before this is shown). If you do not see your issue, keep experimenting with any series of selections until you reach one that offers a chat session or a telephone call and get the representative to redirect you.

This support article has various country telephone numbers for contacting Apple for support and service ➔ Contact Apple for support and service - Apple Support

It’s a genuine link.

The message headers show that DMARC, DKIM and SPF record checks have been passed.

It looks legitimate as the email came from authorised apple servers.

Valid97 wrote:

How do you know? Did you open it?

If iPhone or iPad Safari is set to view links (rather than set to preview the target webpages), then (for instance) pressing and holding on the red-circled “go to” link (shown below) won’t be an Apple.com domain. Or won’t be whatever other website or service the particular scammers are trying to phish.

In Mail app, press and hold on the “from” in top of the message to view the sending email address, too. The green-circled detail (the sending address) usually won’t be Apple. Or whoever the scammer is trying to phish. This test is less reliable though, as the sending email addresses can be spoofed. Unlike the sending email address, the action links embedded in the spam message can’t go to Apple.com for the phishing to work, so those embedded links can’t be as easily spoofed.

If not familiar with Safari settings, here is how to view a link (circled in blue):

If you see the “tap to show preview”, you’re viewing the link. Which is the mode you want here. And in this case, the link shown (again, in the blue circle) shows an Apple.com link.

If you see the following (this is preview mode, with “hide preview” shown circled in yellow), then tap Hide preview:

Safari remembers this setting too, and I usually have it set to view links / hide previews. To set the link-view or webpage-preview setting mode using some benign link, such as the links used on most any webpage you normally visit, press and hold on one of the links embedded in the webpage. Best don’t test or switch the Safari viewing modes right on a spam or scam message, though.

There can be other clues, though those can sometimes be less reliable with all the data breaches happening.

There’s a very well-crafted AT&T phish email going ‘round, as well. That phishing email is easily detected by the embedded links not going to AT&T.

There seems to be a lot of debate in the threads if this is phishing. It's really hard to tell with this one since it looks like a legit email address. The only emails I get from apple is that my cloud storage is full or emails from apple support. Is this a first time for everyone seeing that email?

Have had a few emails regarding Apple Account today which initially spooked me and seemed suspicious.

I still don't know.

There's a tatty Apple logo with irregular edges, but oddly I'm told it's a 'verified logo' - so the loo's ok, but does that mean the email is genuine and not a phishing attempt.

Apple Account rollout does not seem very reassuring to me.

Have had a few emails regarding Apple Account today which initially spooked me and seemed suspicious.

I still don't know.

There's a tatty Apple logo with irregular edges, but oddly I'm told it's a 'verified logo' - so the looks ok, but does that mean the email is genuine and not a phishing attempt.

Apple Account rollout does not seem very reassuring to me.

I got similar emails today, seems very suspect. Stay vigilant

I was nervous at first when I clicked it, but email looks legit "verified logo" and I also get other e-mails from a similar address "deve*****@insi*******.apple.com" Which is my developer e-mail mailing list I signed up for ( photo below)

Also the real Apple Developer e-mail I get brings me to a legit Apple site / YouTube channel and when I hovered over the bottom I also see c.apple.com..... and it's a legit apple site.

[Edited by Moderator]

lizardscrazy wrote:

I received the email on an email that’s not even linked with Apple. I had to search it up because how is it verified?

BIMI was found lacking at least once already, and other issues being found by scammers would not surprise.

Real or not, the original message certainly looks like a scam, too.