Fake iCloud storage full or Apple ID locked credential phishing — fraudulent email impersonating Apple or iCloud claiming the recipient's iCloud storage is full, backups have stopped, their Apple ID has been locked, or their account will be disabled — directing them to click a link to verify their Apple ID credentials, update billing, or upgrade their storage plan — a credential-harvesting phishing attack targeting the hundreds of millions of Apple device owners worldwide

Phishing emails impersonating Apple or iCloud — claiming the recipient's iCloud storage is full, their iPhone backups have stopped, their Apple ID has been locked due to suspicious activity, or their account will be disabled — then directing them to click a link to verify Apple ID credentials, update billing, or upgrade their storage plan through a fraudulent portal. Apple is the second most impersonated brand in phishing globally. Key facts: (1) Apple phishing attacks generate hundreds of millions of emails annually — according to APWG's Phishing Activity Trends Report, Apple consistently ranks in the top 3 most impersonated brands alongside Microsoft and PayPal; iCloud credential theft is particularly damaging because it provides access to photos, documents, Find My location, and device backup data; (2) The "iCloud storage full" lure is highly effective because it exactly mimics a real notification that Apple sends legitimately — attackers precisely clone Apple's visual branding, font, and notification format; storage anxiety is universal among iPhone users who have never upgraded; (3) Compromised Apple ID credentials enable device unlocking (Activation Lock bypass), resale of stolen/lost iPhones, access to Apple Pay and payment methods, photo theft and extortion, and account takeover across Apple ecosystem apps; (4) Legitimate Apple storage notifications always link to Settings > Apple ID > iCloud on device, never to external links — and Apple never locks accounts without first requiring device-based verification. Warning signs: non-apple.com/icloud.com sender domain, storage or account urgency with external click-to-verify link, request for Apple ID password or payment card via email.