Phishing actors continue to target Apple IDs due to their widespread use, which offers access to a vast pool of potential victims. These credentials are highly valued, providing control over devices, access to personal and financial information, and potential revenue through unauthorized purchases. Additionally, Apple's strong brand reputation makes users more susceptible to trusting deceptive communications that appear to be from Apple, further enhancing the attractiveness of these targets to cybercriminals.
These campaigns are mostly conducted via email although increasingly also through malicious SMS. A very recent case saw a threat actor distributing malicious SMS messages in the United States.