Someone has created an Apple ID using an email address in a domain I own

security password accounts apple-id verify

I own "mydomain.com" (actually something else!) and have a catchall to receive all emails sent to any [email protected] Earlier this week I received an email from [email protected] asking me to verify [email protected]. This person is unknown to me. I did not verify.

I have now received this email:

Dear Anne Pearson,

The password for your Apple ID [email protected] has been successfully reset.

If you believe you have received this email in error, or that an unauthorized person has accessed your account, please go to iforgot.apple.com to reset your password immediately. Then review and update your security settings at appleid.apple.com

Has this person succesfully greated an Apple ID account with an email address she doesn't own?

If so, what can I do?


I think this may be a phishing. I advise you to check the 3 following key points:

  1. Within the headers of the 2 E-mails you received, verify they are really originating from apple.com .
  2. Verify the included URL is really within the apple.com domain.
  3. Within the headers, verify there isn't any Return-Path: outside of apple.com .

Has this person succesfully greated an account with an email address she doesn't own?

I don't think you can say they successfully created one, as they will never be able to use the email to verify anything sent to it from Apple. Most likely they just accidentally entered your domain name. Is it similar to another more popular domain name? A one off typo?

If so, what can I do?

Smile and imagine how perplexed they are that they never get the verification emails Apple tells them they are sending. They have not taken anything from you or done anything to you. Therefore, there is nothing for you to do.


Everything looks to be explainable by someone using your email address as the string for their Apple ID.

This could be an innocent mistake or them wanting you to perhaps consider selling your domain to them by them squatting on your name space for Apple's iCloud service / Apple ID service.

If you don't even plan to use Apple's products or this email address you could simply ignore all the emails - make a rule and just never confirm any account that tries to use that email.

The "what can I do" boils down to if you care if they have an account with Apple using your email? You could fight it, but it will take some time and perhaps writing a letter to Apple to clear things up.

As long as you don't verify that email - it won't work for that person and they will need to provide another email to use that Apple ID. They will have squatted on that AppleID but nothing else. Apple uses a two step email verification process to ensure that someone doesn't accidentally or intentionally get an email that they do not control listed for an Apple ID.

You could also log in and take control of that account but I've not seen Apple spam unverified email accounts and that person will likely tire of manually logging in and sending verification emails to an account they don't control. More likely, they will delete that email from the Apple ID and move on.


When I tried to create a new apple ID using my email I was told that an account under that username or email already exists. So when I requested to change password I received an email in Vietnamese addressed to someone else. So I can confirm that someone can create an apple ID using anyone's email address.


I just had a similar experience and got off the phone with a rep from Apple and they said there is nothing they can do to help. Any email account can be used to sign up for an apple ID if it has not already been used as an apple ID, so someone used my other email account, not linked to Apple as their ID log in name. Their email is the emergency email and only they know the security questions to make changes to the account and if you forget the security questions, Apple sends an email to the emergency email, not the main email, so this guy will get that email and will still be in control of the security questions required to make changes. So Apple could do nothing and this guy is allowed to use my email as his apple ID as long as he wants and I will receive emails from Apple when he uses his device, etc. I did change the password to my email account, in case it was hacked and to the Apple account, so unless he resets it with his backup email, he can't get in and I will play that game until he gets so annoyed he stops using my email address. He probably has a credit card assigned to the account, but it is not my card and I can't access those areas to see because you need to answer the security questions. It's a catch 22 and is super annoying.

Related

Can I modify a terminal command to do additional stuff?
What was the very first Apple product?
Where is the terminal application on the filesystem?
echo color coding stopped working in mountain lion
I want my Mac running Sierra, to stop hiding dock when I enter "Command+Option+D"
Is it normal to have same user logged in twice but from another TTY?
Is there a way to make the alarm clock much much louder?
How can I identify the macOS version from the command line? [duplicate]
Why is the speaker next to the camera magnetized when my laptop is off?
Removing rounded corners from a <select> element in Chrome/Webkit
Git: can I suppress listing of 'modified content'/dirty submodule entries in status, diff, etc?
Convert row to column header for Pandas DataFrame,