Phishings targeting Apple

Suspicious and active websites

Phishings targeting Apple

Suspicious and active websites

Active

New (7d)

Trend (7d)

↑1000%

Website: apple.com
About: AIApple ID phishing targets iCloud / Find My data and is commonly tied to iPhone resale fraud after device theft.
Hosts: Unified Layer (11) · TIME-HOST LTD (1) · Host SpA (1)
Countries: United States (11) · Russia (1) · Italy (1)
TLS certs: YR2 (7) · YR1 (5) · ZeroSSL GmbH (1)

Suspicious sites — confidence is not always 100%. Use for Threat Hunting or watchlists.

Last check (UTC)	First seen (UTC) ▾	URL	Flags	Details
2026-06-24 01:30	2026-06-23 13:00	http://icloud-com.co/icl26	OpenPhish urlscan	Details
2026-06-24 01:30	2026-06-23 01:01	https://mail.icloud-com.co/icl264	OpenPhish urlscan	Details
2026-06-24 01:30	2026-06-23 01:01	https://icloud-com.co/icl264	OpenPhish urlscan	Details
2026-06-24 01:30	2026-06-23 01:01	https://mail.apple-icloud.us/icl26	OpenPhish urlscan	Details
2026-06-24 01:30	2026-06-23 01:01	http://apple-icloud.us/icl26	OpenPhish urlscan	Details
2026-06-24 01:30	2026-06-22 01:03	http://mail.apple-icloud.us/icl264	OpenPhish urlscan	Details
2026-06-24 01:30	2026-06-22 01:02	http://mail.long-icloud.us/icl264	OpenPhish urlscan	Details
2026-06-24 01:30	2026-06-22 01:02	https://mail.icloud-longin.com/icl264	OpenPhish urlscan	Details
2026-06-24 01:30	2026-06-22 01:02	https://apple-icloud.us/icl264	OpenPhish urlscan	Details
2026-06-24 01:30	2026-06-21 13:02	http://icloud-longin.com/icl264	OpenPhish urlscan	Details
2026-06-24 01:30	2026-06-21 13:02	http://long-icloud.us/icl264	OpenPhish urlscan	Details
2026-06-24 01:30	2026-06-15 14:01	http://icloud.com-buscar.help	TweetFeed	Details
2026-06-24 01:30	2026-06-03 01:01	https://icloudmailservice.sviluppo.host/v1/service	OpenPhish urlscan	Details
2026-06-24 01:30	2026-05-29 17:32	https://vip.gaokao.icloudwisdom.com	urlscan	Details

Suspicious sites — confidence is not always 100%. Use for Threat Hunting or watchlists.

URL	Screenshot	Details
http://icloud-com.co/icl26 OpenPhish urlscan		Details
https://mail.icloud-com.co/ic… OpenPhish urlscan		Details
https://icloud-com.co/icl264 OpenPhish urlscan		Details
https://mail.apple-icloud.us/… OpenPhish urlscan		Details
http://apple-icloud.us/icl26 OpenPhish urlscan		Details
http://mail.apple-icloud.us/i… OpenPhish urlscan		Details
http://mail.long-icloud.us/ic… OpenPhish urlscan		Details
https://mail.icloud-longin.co… OpenPhish urlscan		Details
https://apple-icloud.us/icl264 OpenPhish urlscan		Details
http://icloud-longin.com/icl2… OpenPhish urlscan		Details
http://long-icloud.us/icl264 OpenPhish urlscan		Details
http://icloud.com-buscar.help TweetFeed		Details
https://icloudmailservice.svi… OpenPhish urlscan		Details
https://vip.gaokao.icloudwisd… urlscan		Details

Legitimate Apple URLs always end in apple.com (e.g. www.apple.com, account.apple.com). Anything else — including look-alike typosquats, hyphenated variations, or unfamiliar TLDs like .xyz / .top / .vip — is not Apple.
The padlock icon proves TLS is active, not that the site is safe. Free DV certificates are issued to attackers in minutes; every active site listed above has a valid TLS certificate.
If you got the link from email, SMS, or social media, do not click it. Open apple.com from your browser bookmark or type the domain manually.
Real Apple pages almost never ask for credentials immediately after clicking from a message — treat any such redirect as a phishing attempt until the domain is verified.