Cybercriminals have turned Apple’s security notifications into weapons. They craft bogus Apple IDs, stuffing phishing lures into name fields. A simple tweak to shipping details triggers legitimate alerts from Apple’s servers. Those emails land in victims’ inboxes, complete with authenticated headers. Panic sets in. Victims dial the scammers. The ploy surfaced in reports this week. A reader forwarded a suspicious message to BleepingComputer . It looked routine at first—an account update notice for [email protected] . But buried in the body: “Dear User 899 USD iPhone Purchase Via Pay-Pal To Cancel 18023530761.” Then the change note: “Shipping Information.” Sent from [email protected] . Headers confirmed authenticity: DKIM pass, SPF pass, DMARC pass. IP 17.111.110.47, Apple’s own. Attackers split the bait across first and last name slots during Apple ID setup. Each field holds plenty of characters. They alter shipping info next. Apple fires off the alert, embedding the names verbatim.…