Scammers Use Real Apple Support Emails in New Phishing Scam
NEW YORK — December 3, 2025 — A new phishing scam has emerged that uses authentic Apple Support emails and tickets to deceive users into surrendering their Apple accounts, according to cybersecurity experts. The scam exploits a vulnerability in Apple’s support system that allows scammers to generate genuine support tickets without verification, making their communications appear legitimate.
Eric Moret, a Broadcom executive, shared his experience of nearly losing access to his Apple ID after receiving multiple alerts and phone calls that seemed to come from Apple Support. Moret described the scam in detail in a Medium post, explaining how the attackers initiated the scheme by triggering two-factor authentication notifications claiming unauthorized access attempts to his iCloud account.
Shortly after, Moret received phone calls from individuals posing as Apple agents who calmly offered assistance. The scammers had opened a real Apple Support case in his name, which resulted in official emails from an Apple domain, lending credibility to their approach and lowering his guard.
During a 25-minute call, the fake agents guided Moret through steps to reset his iCloud password, claiming it was necessary to secure his account. They then sent a link to a counterfeit website, “appeal apple dot com,” which mimicked Apple’s official site and instructed him to enter a six-digit code sent via text message. When Moret entered the code, the scammers obtained the credentials needed to access his account.
Moret received an alert that his Apple ID had been used to sign into a device he did not own, confirming the takeover attempt. Although the scammer on the call reassured him that this was normal, Moret trusted his instincts, reset his password again, and successfully prevented the account from being compromised.
Experts warn that this scam is particularly effective because it leverages real Apple Support infrastructure, making the alerts and communications appear polished and professional. Users are advised to remain vigilant and follow safety steps to protect their accounts from similar attacks.
The scam highlights the importance of verifying unsolicited support communications and being cautious when prompted to enter security codes or reset passwords through links received in unexpected messages.
