Skip to main content
News Directory 3
  • Business
  • Entertainment
  • Health
  • News
  • Sports
  • Tech
  • World
Menu
  • Business
  • Entertainment
  • Health
  • News
  • Sports
  • Tech
  • World
Beware of New iCloud Storage and Fake Slack Malware Scams - News Directory 3

Beware of New iCloud Storage and Fake Slack Malware Scams

April 20, 2026 Lisa Park Tech
News Context
At a glance
  • A resurgence of phishing scams targeting Apple users has been observed, with attackers reviving a deceptive tactic that falsely claims iCloud storage is full to trick individuals into...
  • The scam typically begins with a pop-up notification or email that mimics Apple’s official design, alerting the user that their iCloud storage has reached capacity and urging immediate...
  • Once credentials are submitted, the fake site progresses to a second stage requesting payment details under the guise of upgrading iCloud storage.
Original source: malwarebytes.com

A resurgence of phishing scams targeting Apple users has been observed, with attackers reviving a deceptive tactic that falsely claims iCloud storage is full to trick individuals into revealing payment information. Security researchers at Malwarebytes confirmed the reappearance of this scheme in mid-April 2026, noting its evolution to include more convincing fake interfaces and broader distribution channels.

The scam typically begins with a pop-up notification or email that mimics Apple’s official design, alerting the user that their iCloud storage has reached capacity and urging immediate action to avoid service disruption. Unlike generic storage warnings, these fraudulent messages direct users to a counterfeit login page hosted on a domain designed to resemble apple.com, where they are prompted to enter their Apple ID credentials.

Once credentials are submitted, the fake site progresses to a second stage requesting payment details under the guise of upgrading iCloud storage. Victims are led to believe they are purchasing additional space through a legitimate Apple service, but instead, their credit card information is harvested by threat actors for fraudulent use.

In parallel, researchers have identified a related threat involving a malicious Slack installer distributed through unofficial websites and deceptive advertisements. This fake application, when executed, installs a hidden desktop environment on the victim’s machine, allowing attackers to run unauthorized commands, access files, and monitor user activity without detection.

The hidden desktop feature operates by creating a secondary user session that remains invisible to standard system monitoring tools, enabling persistent access even after the initial infection vector is removed. This technique, known as session hijacking or desktop spoofing, has been increasingly adopted in malware campaigns targeting both individual users and enterprise environments.

Malwarebytes emphasized that both threats rely on social engineering rather than software vulnerabilities, exploiting user trust in well-known brands and services. The iCloud scam, in particular, capitalizes on the widespread reliance on Apple’s cloud ecosystem for photos, backups, and document synchronization, making the threat of lost access particularly effective at prompting hasty decisions.

To mitigate risk, users are advised to verify the authenticity of any storage warning by checking iCloud status directly through the Settings app on iOS or System Settings on macOS, rather than clicking links in unsolicited messages. Official Apple communications never request payment details via pop-ups or external websites.

Similarly, Slack should only be downloaded from the company’s official website or trusted app stores. Any prompt to install Slack from a third-party site, especially one offering a “free upgrade” or “enhanced version,” should be treated with suspicion. Enterprise IT teams are encouraged to enforce application allowlisting and endpoint detection tools to prevent execution of unverified installers.

As of April 2026, neither Apple nor Slack has issued a public statement addressing these specific campaigns. However, both companies maintain active phishing reporting channels and regularly update their security guidance to help users recognize and avoid fraudulent attempts to compromise accounts or devices.

Share this:

  • Share on Facebook (Opens in new window) Facebook
  • Share on X (Opens in new window) X

Related

Browser guard, ChatGPT, scams

Search:

News Directory 3

News Directory 3 catalogs US newspapers, news services, newsstands and digital news outlets across all 50 states. Browse local publishers by city, state, or topic, and follow current headlines linked back to their original sources.

Quick Links

  • Disclaimer
  • Terms and Conditions
  • About Us
  • Advertising Policy
  • Contact Us
  • Cookie Policy
  • Editorial Guidelines
  • Privacy Policy

Browse by State

  • Alabama
  • Alaska
  • Arizona
  • Arkansas
  • California
  • Colorado

© 2026 News Directory 3. All rights reserved.
For contact, advertising, copyright, issues email: office@newsdirectory3.com