A new Apple scam has resurfaced, preying on individuals by exploiting concerns about low iCloud storage. Apple’s cloud storage service is crucial for many iPhone users, serving as a digital backup for photos, documents, and important files to prevent accidental loss.
Although iCloud simplifies device transitions for iPhone, iPad, or Mac users by storing data centrally, its limited storage capacity requires users to pay for additional space. Scammers are capitalizing on these restrictions, using the fear of account blockage due to full storage to deceive people into disclosing personal and financial information.
While iCloud scams are not uncommon, cybersecurity experts at Malwarebytes have observed a rise in fraudulent emails alleging insufficient storage space. These deceptive messages, often impersonating Apple, falsely claim that iCloud storage has been exceeded, prompting users to upgrade their storage plan via a link that redirects to a fraudulent website designed to extract sensitive data.
According to Malwarebytes, scammers are exploiting the emotional appeal of potentially losing photos to coerce victims into divulging personal and financial details. The fraudulent websites linked in these emails request payment and personal information to prevent the deletion of files in the iCloud storage.
To enhance user safety, new guidelines stress that Apple does not send unsolicited emails regarding iCloud storage issues. Legitimate notifications about nearing storage capacity are displayed within device settings or as official system alerts, not through unsolicited emails or messages with external links. Users are advised to access their iCloud storage status directly through device settings if needed.
To ensure secure iCloud usage, users are advised to follow these five rules:
1. Access your account only through Apple’s official website or device settings.
2. Never share your password with anyone.
3. Verify links in unexpected emails or messages before clicking.
4. Utilize updated anti-malware software with web protection enabled.
5. Exercise caution when engaging with suspicious websites or payment requests.