A dangerous phishing scam is circulating that targets iPhone and Apple users worldwide. If you receive an email warning you that your iCloud storage is full — do not click anything. Here's what you need to know.
What is the scam?
Victims are receiving convincing-looking emails that appear to come from Apple or iCloud, claiming their storage is full and urging them to upgrade immediately or risk losing photos, videos, and access to apps.
The emails contain a button or link to "enable the upgrade." Clicking it takes users to a malicious website designed to steal sensitive personal and financial information.
⚠ Threat escalation
Some versions of the email are more aggressive, warning that the victim's iCloud account will be permanently closed within 48 hours unless they act immediately — a classic pressure tactic designed to panic users into clicking without thinking.
What happens if you fall for it?
If a victim enters their bank details or makes a payment on the fraudulent site, scammers can use that information to steal further funds. The stolen data may also be sold to other criminal organisations on the dark web.
Who is warning about this?
Both Which? — the UK's largest independent consumer organisation — and the US Federal Trade Commission (FTC) have issued warnings about this scam. The FTC specifically advises users to contact Apple directly if they receive one of these emails, rather than clicking any links.
How to protect yourself
1
Don't click links in unsolicited emails. Go directly to icloud.com or the Settings app on your iPhone to check your actual storage usage.
2
Check the sender's email address carefully. Scam emails often use addresses that look similar to Apple but are slightly different (e.g. [email protected]).
3
Never enter banking details following an email prompt. Apple will never ask for payment details by email.
4
Report suspicious emails by forwarding them to [email protected] and deleting them immediately.
5
Enable two-factor authentication on your Apple ID if you haven't already — this adds an important extra layer of security.
Already clicked a link or entered your details?
If you believe you've been compromised, act fast: contact your bank immediately to report potential fraud and freeze your card if necessary. Change your Apple ID password and any other accounts using the same credentials. Report the incident to Action Fraud (UK) on 0300 123 2040 or via actionfraud.police.uk.
