{“lastseen”:”2026-04-21T14:08:14″,”description”:”Scammers have found a way to abuse legitimate Apple account notification emails to trick targets into calling fake tech support numbers.\\n\\nAccording to a report from BleepingComputer, scammers create an Apple account and insert a phishing message into the personal information fields, then modify the account so that Apple sends a genuine security alert about the change to the target.\\n\\nBleepingComputer was able to replicate the attack.\\n\\nThe attacker creates an Apple ID they control, then stuffs the phishing message into the personal information fields (first name, last name, possibly address), splitting it across fields because they will not fit into just one.\\n\\nTo launch the phish, the attacker changes something benign on their specially created Apple account, such as shipping information, which causes Apple\u2019s systems to send a \u201cYour Apple account was updated\u201d security email.\\n\\nWhile the original alert is addressed to the attacker\u2019s iCloud email, they are then able to redistribute it to a wider victim list, for example through a mailing list.\\n\\nIn the copy the targets receive, the email headers still show a legitimate Apple sender, and the presence of the attacker\u2019s iCloud address can even make it look like \u201csomeone else\u201d has gained access to the account.\\n\\n\\n\\nBecause Apple includes those user-supplied fields in the security email, the phishing text is delivered inside a legitimate message sent from Apple\u2019s own infrastructure.\\n\\nThis method, called call-back phishing, filters out suspicious users, so the scammers can focus on the people who fell for the first part. \\n\\nThe emails come from a legitimate source, sail through every security filter because of that, and look convincing enough to scare the receiver into thinking someone spent $899 from their PayPal account.\\n\\n\\n\\nBut the structure of the email does not make sense.\\n\\n\\”Dear User\\” is immediately followed by the scam message where your name should have been. The header says it\u2019s about account information rather than a purchase. And the iCloud account does not belong to the recipient. So, once you know how it\u2019s done, they\u2019re not impossible to spot. Which is why we wrote this blog.\\n\\nAnd when in doubt, you can always ask Malwarebytes Scam Guard.\\n\\n* * *\\n\\n\\n\\n### Scam or legit? Scam Guard knows.\\n\\nTRY IT NOW\\n\\n* * *\\n\\nAsking Scam Guard\\n\\nScam Guard identified the screenshot as a scam and guides users through the next steps.\\n\\nScams like these work, because many users still view phone calls as more trustworthy than email, especially if the email itself passed all the usual technical authenticity checks and they initiated the call themselves.\\n\\n## How to stay safe\\n\\nTech support scammers will try to convince callers to install some kind of remote desktop application to steal data from your computer, or ask for financial details so they can steal your money.\\n\\nTo stay safe from these scammers:\\n\\n * Be wary of unexpected alerts about high\u2011value purchases you do not recognize. They are suspicious even if they come from a real domain.\\n * Never call a number sent to you by unsolicited means or even found in sponsored search results.\\n * Carefully read emails and text messages, even if they come form trustworthy addresses. Does the email make sense from a structural and linguistic point of view?\\n * If someone claiming to be support for a legitimate company asks for remote access or payment details during a call, hang up and contact the company through official channels.\\n * Use Malwarebytes Scam Guard to analyze any kind of message that alarms you or urges you to take immediate action.\\n\\n\\n\\n* * *\\n\\n### **Something feel off? Check it before you click. ** \\n\\n**Malwarebytes Scam Guard** helps you analyze suspicious links, texts, and screenshots instantly. \\n\\nAvailable with Malwarebytes Premium Security for all your devices, and in the Malwarebytes app for iOS and Android. \\n\\nTry it free \u2192”,”published”:”2026-04-21T12:59:31″,”modified”:”2026-04-21T12:59:31″,”type”:”malwarebytes”,”title”:”Real Apple notifications are being used to drive tech support scams”,”source”:””,”references”:””,”id”:”MALWAREBYTES:D24710F33CDA447E523F00674DAA7529″,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/news\/2026\/04\/real-apple-notifications-are-being-used-to-drive-tech-support-scams”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-04-21T14:08:14″,”description”:”Scammers have found a way to abuse legitimate Apple account notification emails to trick targets into calling fake tech support numbers.\\n\\nAccording to a report from…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,115,13,33,7,11,5],"class_list":["post-48230","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n