You’re browsing on your iPhone when a full-screen alert takes over: “Your Apple ID has been compromised. Call this number immediately.” The message looks official. The language is alarming. And the phone number is a direct line to a scammer.
The Federal Trade Commission flagged this exact scheme in an April 2025 consumer alert, warning that fake Apple ID pop-ups are a growing vehicle for tech support fraud. The scam is simple and effective: a bogus security warning pressures the target into calling a number, where a person posing as Apple support talks them into handing over remote device access, account credentials, or payment for a “fix” that was never needed.
Tech support scams as a category are not small-time grifts. The FBI’s Internet Crime Complaint Center reported that victims lost more than $1.3 billion to tech support fraud in 2023, making it one of the costliest scam types the bureau tracks. Apple-branded pop-ups are among the most convincing variants because hundreds of millions of people depend on their Apple ID for everything from iCloud backups to payment methods.
How the scam works
The attack typically starts with a pop-up or full-screen takeover on an iPhone, iPad, Mac, or web browser. The message claims the user’s Apple ID is locked, compromised, or under threat. Urgent language warns that personal data, photos, or financial information could be exposed. A phone number is displayed prominently, and the victim is told to call it without delay.
These pop-ups often reach users through malicious online advertisements, compromised websites, or rogue calendar subscription invites that inject alerts onto a device. The visual design mimics Apple’s interface closely enough to fool someone who is already anxious about the warning’s content.
The FTC’s alert identifies the single clearest red flag: a real security notification from Apple will never ask you to call a phone number. That one detail is the dividing line between a legitimate alert and a scam. The FBI’s standing guidance on tech support fraud describes the same pattern and confirms that pop-ups with embedded phone numbers are a primary entry point for these schemes.
Once a victim calls, the person on the line follows a script. They may ask the caller to install remote-access software, share their screen, read back a two-factor authentication code, or pay for a bogus security service using gift cards, wire transfers, or cryptocurrency. In some cases, the scammer gains enough access to lock the victim out of their own Apple account entirely.
Why Apple users are targeted
Apple ID is a single key to a sprawling ecosystem. It controls access to iCloud storage, the App Store, Apple Pay, iMessage, FaceTime, and device backups that may contain years of photos, documents, and passwords stored in iCloud Keychain. Compromising an Apple ID can give an attacker far more than one account; it can open a window into a person’s entire digital life.
The trust Apple users place in the company’s security reputation also works against them. A pop-up that appears to come from Apple carries more weight than a generic “Your computer is infected” warning. Scammers exploit that trust deliberately, designing alerts that match Apple’s fonts, colors, and iconography.
The FTC has also warned that work devices are not immune. In guidance directed at small businesses, the agency notes that Macs and iPhones used in professional settings are targets for the same scheme. A single employee who follows the pop-up’s instructions could expose company data, client records, or financial systems.
What federal agencies have not yet confirmed
While the FTC and FBI have confirmed the mechanics and warned the public, some gaps remain. No publicly available IC3 data breaks out how many complaints involve Apple ID-themed alerts specifically versus other branded tech support scams. Apple has not released public statements detailing its own countermeasures or the number of users affected.
The Cybersecurity and Infrastructure Security Agency offers general phishing prevention guidance that aligns with FTC and FBI recommendations, but CISA has not published a targeted advisory on Apple ID alert abuse. Whether newer phishing vectors tied to Apple’s two-factor authentication prompts have evolved since 2023 is not addressed in any current federal publication.
The persistence of federal warnings, from the IC3’s first documentation of pop-up tech support scams nearly a decade ago to the FTC’s April 2025 alert, suggests the tactic endures because it keeps producing victims. But without complaint-level data or Apple’s internal abuse metrics, the precise scale of the Apple-branded variant remains unclear.
How to protect yourself right now
Do not call the number. Close the browser tab or force-quit the app. If the pop-up prevents you from closing it, restart the device.
Verify through Apple directly. Open Settings on an iPhone or iPad (or System Settings on a Mac) and check for any actual account notifications. If Apple needs you to take action on your Apple ID, the prompt will appear there, not in a browser pop-up. Apple’s own support page on phishing explains how to identify legitimate communications from the company.
Never grant remote access. No legitimate Apple support interaction will begin with a pop-up asking you to call a number, and Apple will not ask you to install remote-access software during an unsolicited contact.
Report it. The FTC accepts scam complaints through ReportFraud.ftc.gov. The FBI accepts reports through its IC3 portal or local field offices. If the pop-up appeared on a work device, notify your IT administrator immediately.
Block the delivery channels. Use an ad blocker in your browser to reduce exposure to malicious advertisements. On iOS, go to Settings > Calendar > Accounts and remove any subscribed calendars you did not add yourself. Keep your operating system and browser updated so that known exploit paths are patched.
The core rule is straightforward: if a pop-up tells you to call someone, it is not Apple. Close it, verify independently, and move on.
More from Morning Overview
*This article was researched with the help of AI, with human editors creating the final content.
