Apple App Store Scam Stealing Credit Cards: What to Do

Apple is warning customers about a new phishing scam that aims to steal their information by duping them into believing they signed up for a subscription agreement.

Credit: 9to5Mac

(Image credit: 9to5Mac)


According to 9to5Mac, which obtained a copy of an e-mail, you'll receive a message about a "subscription confirmation." The e-mail has the same design and uses the same font as a legitimate Apple e-mail and appears to list all the information you'd see in a legitimate message. Since it's a subscription, it aims at highlighting a regular charge, prompting victims to want to stop Apple from charging them on a regular basis.

Of course, if you want to cancel your subscription, you'd click on the link in the e-mail that says "Cancel Subscription." However, when you do so, it takes you to a page that asks you to input your Apple ID details, credit card information, and other data. If you do, you'll be handing over your information to the hackers.

How to Protect Yourself

Apple published the following advice on its website to help you determine whether a given Apple-related email is legit.

"Genuine purchase receipts—from purchases in the App Store, iTunes Store, iBooks Store, or Apple Music—include your current billing address, which scammers are unlikely to have. You can also review your App Store, iTunes Store, iBooks Store, or Apple Music purchase history.

Emails about your App Store, iTunes Store, iBooks Store, or Apple Music purchases will never ask you to provide this information over email:

  • Social Security Number
  • Mother’s maiden name
  • Full credit card number
  • Credit card CCV code"

Apple also said that affected users should contact the company at "reportphishing@apple.com" to report phishing scams.

MORE: Meet Apple's New Weapon Against Phishing Attacks

Phishing Scams Getting Worse

Phishing scams are nothing new, but they're getting more sophisticated all of the time. They mimick a legitimate e-mail or message from a company and coax you into clicking on malicious links that would ultimately allow hackers to steal your information. And truth be told, the latest App Store subscription phishing e-mails are quite convincing.

However, if you take some time to review them, you might quickly find some problems that would tip you off to a scam.

For one, Apple typically lists your credit card and its last four digits in its confirmation e-mails. The phishing scam only says "By Card." The biggest tell is on the Cancel Subscription link. Whereas Apple's e-mail asks you to "review your subscription," the scam e-mail has a link that says "Cancel Subscription," followed a string of characters. One other tiny giveaway: the copyright icon is wrong.

Although it's unknown how widespread the latest phishing scam is, it's bad enough that Apple has issued a support document detailing what people should do to safeguard themselves from phishing scams.

TOPICS

Don Reisinger is CEO and founder of D2 Tech Agency. A communications strategist, consultant, and copywriter, Don has also written for many leading technology and business publications including CNET, Fortune Magazine, The New York Times, Forbes, Computerworld, Digital Trends, TechCrunch and Slashgear. He has also written for Tom's Guide for many years, contributing hundreds of articles on everything from phones to games to streaming and smart home.

Latest in Mobile Apps
How to tour the Super Bowl stadium virtually with Google Maps
Google Maps glitch is purging Timeline data — what we know
Gboard app logo on mobile phone resting on a keyboard
Google Gboard redesign has already angered users — and I can see why
Waze app on iPhone in car
Forget Google Maps — Waze just got a huge upgrade that will help millions of drivers
A photo of the Apple Maps app tile displayed on an iPhone screen
Apple Maps may soon get ads, letting businesses pay to boost visibility
How to delete TikTok
TikTok confirms return to Apple and Google app stores — here’s what we know
How to tour the Super Bowl stadium virtually with Google Maps
Google Maps is adding this new feature for millions of drivers to make your ride safer
Latest in News
NYTimes Connections
NYT Connections today hints and answers — Wednesday, March 19 (#647)
Chromecast with Google TV connected to display
Google finally pushes out full Chromecast fix for users who factory reset — here’s what to do
A picture of a skull and bones on a smartphone depicting malware
Hundreds of malicious Android apps with 60 million downloads found spamming Android users with ads and stealing credentials
Switch 2 console and logo
Nintendo Switch 2 rumor just tipped possible release date — and it's much sooner than we thought
Hacker typing on laptop in darkened room
Hackers create "BRUTED" tool to attack VPNs – how to stay safe
Malware
Dangerous new password-stealing trojan automatically reinstalls itself on infected PCs