Home/Scam Guides/Latest Scams/Fake Apple scareware pop-up claims iPhone compromised in data breach to install malware
tech HIGH 15 Jun 2026

Fake Apple scareware pop-up claims iPhone compromised in data breach to install malware

Impersonating: Apple

What is this scam?

A new wave of malicious pop-ups impersonating Apple appears after clicking suspicious links in phishing texts or social media ads, falsely claiming the recipient's iPhone details were exposed in a data breach. The pop-up presents buttons labelled 'Fix Now' or 'Protect Device' — clicking them installs malware rather than resolving any problem. Which? flagged this 'scareware' tactic in June 2026 as distinct from earlier Apple billing scams: it targets device security fears rather than payment credentials, and works on both iPhone and Android.

Example scam message

Pop-up on screen: '⚠ Apple Security Alert ⚠ Your iPhone has been compromised. Personal details including your Apple ID and payment information were detected in a recent data breach. Immediate action is required to protect your account and remove harmful content. [Protect My iPhone Now] [View Security Report]' [Tapping either button begins downloading malware — there is no genuine Apple security alert]

Red flags to look out for

  • The message creates urgency — threatening a fine, missed delivery, or account closure.
  • Links lead to unofficial domains that don't match the real company's website.
  • You weren't expecting this message and can't verify the event it references.
  • It asks you to confirm payment details or personal information via a link.
  • The sender's number or email address doesn't match the company's official contact.

What to do if you receive this

  1. Do not call any numbers or click any links in the message.
  2. Log in to your account directly via the official website or app to check for any real alerts.
  3. Forward the message to 7726 or email report@phishing.gov.uk.
  4. Report it to Action Fraud at actionfraud.police.uk.
Received this message? Forward it to 7726 (free on all UK networks) to report it to your mobile provider. You can also report it to Action Fraud or email the NCSC at report@phishing.gov.uk.

Not sure if your message is a scam?

Check it instantly with our free AI-powered detector.

Check a message now

Related scams

tech Argos account takeover fraud surges 323% as criminals exploit stolen credentials Argos tech Copycat Which? website runs fake debit card comparison article to harvest personal details Which? tech Google Calendar invite phishing bypasses spam filters to steal credentials Google / Gmail
← Back to all latest scams

Source: Which?