Why am I getting notices of fraudulent activity and account settings changed but not by me, threatening account closure. Getting threatening text messages saying : suspicious activity from my device, settings being changed, malware and 28 viruses, as my protection has expired. I can’t back up or use the App Store . What can I do?
[Edited by Moderator]
iPhone XR, iOS 18
They are bogus.
Criminals are getting very good at imitating Apple messages and sometimes the only indication in an email is very subtle. Have a look at this thread. Someone registered an Apple ID with my em… - Apple Community It can be very hard to tell from an email alone if it is authentic. The best way to check is to use an independent way through Apple's own resources to confirm what the communication claims. Scams (e-mail, text messages, and phone calls) are getting very good at closely imitating true Apple communications. Always be cautious. These support articles have some guidelines:
About identifying legitimate emails from the App Store and iTunes Store --> Identify legitimate emails from the App Store or iTunes Store - Apple Support
Recognize and avoid social engineering schemes including phishing messages, phony support calls, and other scams - Recognize and avoid social engineering schemes including phishing messages, phony support calls, and other scams - Apple Support
Avoid scams when you use Apple Cash --> Avoid scams when you use Apple Cash - Apple Support
About Gift Card Scams --> About Gift Card Scams - Official Apple Support
If you are uncertain about a message and a resource provided in that message, do not click on any links in the message. Try to use an Apple resource you know is valid to independently verify what the message is claiming. Go to a support article page on apple.com and use the instructions in the article to verify though Apple itself, or use an Apple device feature such as Settings or an Apple app. To ask Apple start at this web page: Official Apple Support If you wish to investigate links, this post by contributor MrHoffman describes how you can do that —> "Keep your Apple Account safe and secure"… - Apple Community (the link takes you to the end of the post so scroll up a bit).
- Apple won’t warn you about disabling an account. You will find out when you try to sign in.
- Phishing emails may include account suspension or similar threats in order to panic you into clicking on a link without thinking. They may report a fake purchase in order to infuriate you into rashly clicking on a false link to report a problem.
- Apple e-mails address you by your real name, not something like "Dear Customer", "Dear Client", or an e-mail address* However, having your actual name is not proof this isn’t phishing. Compromised databases may have your name and address in them.
- Apple e-mails originate from @apple.com or @itunes.com but it is possible to spoof a sender address. "Apple email related to your Apple ID account always comes from appleid@id.apple.com." - About your Apple Account email addresses - Apple Support
- Set your email to display Show Headers or Show Original to view Received From. Apple emails originate from IP addresses starting with "17.".
- Mouse-over links to see if they direct to real Apple web sites. Do not click on them as this just tells the spammer they have a working e-mail address in their database. If you are unsure, contact Apple using a link from the Apple.com web site, not one in an email.
- Apple will not ask for personal information in an e-mail and never for a social security number.
- Scams may have bad grammar or spelling mistakes.
- Apple will not phone you unless it is in response to a request from you to have them call you.
* Exception: I got email saying my ID is expired! Does… - Apple Community
They are bogus.
Criminals are getting very good at imitating Apple messages and sometimes the only indication in an email is very subtle. Have a look at this thread. Someone registered an Apple ID with my em… - Apple Community It can be very hard to tell from an email alone if it is authentic. The best way to check is to use an independent way through Apple's own resources to confirm what the communication claims. Scams (e-mail, text messages, and phone calls) are getting very good at closely imitating true Apple communications. Always be cautious. These support articles have some guidelines:
About identifying legitimate emails from the App Store and iTunes Store --> Identify legitimate emails from the App Store or iTunes Store - Apple Support
Recognize and avoid social engineering schemes including phishing messages, phony support calls, and other scams - Recognize and avoid social engineering schemes including phishing messages, phony support calls, and other scams - Apple Support
Avoid scams when you use Apple Cash --> Avoid scams when you use Apple Cash - Apple Support
About Gift Card Scams --> About Gift Card Scams - Official Apple Support
If you are uncertain about a message and a resource provided in that message, do not click on any links in the message. Try to use an Apple resource you know is valid to independently verify what the message is claiming. Go to a support article page on apple.com and use the instructions in the article to verify though Apple itself, or use an Apple device feature such as Settings or an Apple app. To ask Apple start at this web page: Official Apple Support If you wish to investigate links, this post by contributor MrHoffman describes how you can do that —> "Keep your Apple Account safe and secure"… - Apple Community (the link takes you to the end of the post so scroll up a bit).
- Apple won’t warn you about disabling an account. You will find out when you try to sign in.
- Phishing emails may include account suspension or similar threats in order to panic you into clicking on a link without thinking. They may report a fake purchase in order to infuriate you into rashly clicking on a false link to report a problem.
- Apple e-mails address you by your real name, not something like "Dear Customer", "Dear Client", or an e-mail address* However, having your actual name is not proof this isn’t phishing. Compromised databases may have your name and address in them.
- Apple e-mails originate from @apple.com or @itunes.com but it is possible to spoof a sender address. "Apple email related to your Apple ID account always comes from appleid@id.apple.com." - About your Apple Account email addresses - Apple Support
- Set your email to display Show Headers or Show Original to view Received From. Apple emails originate from IP addresses starting with "17.".
- Mouse-over links to see if they direct to real Apple web sites. Do not click on them as this just tells the spammer they have a working e-mail address in their database. If you are unsure, contact Apple using a link from the Apple.com web site, not one in an email.
- Apple will not ask for personal information in an e-mail and never for a social security number.
- Scams may have bad grammar or spelling mistakes.
- Apple will not phone you unless it is in response to a request from you to have them call you.
* Exception: I got email saying my ID is expired! Does… - Apple Community
If you feel an unauthorized person/app is remotely using, controlling or monitoring your device, then that is possible only if you have done one or more of the following Don'ts...
If one of the above is true then quickly change the Apple ID Password and Return iPhone settings to their defaults.
Keep the iPhone updated to the latest iOS always and never Jailbreak. That's it.
iOS / iPadOS devices cannot be hacked or infected with Virus / Malware / Spyware *** unless you have intentionally downloaded spurious software or unauthorized apps directly from the internet and installed them on your device or/and have Jailbroken.
It (Hacking) also depends on how careful you are in sharing sensitive and valuable information pertaining to your iPhone such as Passcode, Password, etc with your friends and family members.
Be judicious when sharing the device's sensitive and valuable information with friends and family members.
**The primary reason for this is Sandboxing. All third-party apps are “sandboxed”, so they are restricted from accessing files stored by other apps or from making changes to the device. Sandboxing is designed to prevent apps from gathering or modifying information stored by other apps.
Security of runtime process in iOS and iPadOS - Apple Support
The sandbox on an iPhone is a security feature that creates a restricted environment for each app to run in isolation from other apps and the operating system. It is a core component of iOS's security architecture and plays a crucial role in making iPhones more secure.
If you doubt the authenticity of the information provided earlier, you have two alternatives:
What can I do?
Ignore and delete anything like this. They are scams run by criminals that are trying to trick you into buying useless software for outragous prices or worse....providing your personal details so your accounts can be compromised.
They are all scams, ignore them.
If you're getting messages about "malware and 28 viruses", those would be scams, presented by criminals. The iPhone operating system is so locked-down that viruses cannot spread on a non-jailbroken iPhone – and there's also no way for someone to remotely scan your iPhone for viruses.
Therefore the danger is from doing whatever the messages are trying to get you to do – whether that's buying a useless "security" app or contacting criminals posing as "tech support" to fix some non-existent problem. (It is when you fall for the bait, and contact the criminals, that you will be scammed.)
Can’t back up or use the App Store due to threatening text messages
