Apple scams: fake iTunes, App Store, Netflix and 'account suspended' emails to avoid

Rights, Scams and Politics

26 March 2017

Apple has millions of active users worldwide which makes the brand a popular target for scammers. Here are some of the most common Apple scams going and how to avoid and report them.

Sections

How much did you pay for downloading that song?!

A phishing scam email from last year tried to trick users into thinking that they’d spent around £20 downloading a song from iTunes.

The message encourages users to click on a link to ‘cancel and manage subscriptions’ which inevitably takes them to a dodgy site asking them for their personal details. Once users enter their details, scammers use them to steal cash and even commit identity theft.

Other iTunes users have been sent phishing links via text message.

iTunes and App Store invoices that are all wrong

This email will tell you that you’ve paid for something you didn't order, and that it’s going to the wrong address. It's similar to the previous phishing scam in that you’re given a link that lets you cancel your order and hopefully salvage your cash.  

Of course, you’ll be taken to a fake ‘cancel order’ website that will capture card details and other personal details you enter into the web forms.

I didn’t even know I downloaded Netflix

Netflix has been roped into the Apple scam stratosphere. This scam includes an invoice for a subscription to Netflix that doesn't exist.

It works in much the same way as other phishing scams: you'll be redirected to a fake website to enter your card details and they'll be harvested by scammers.

Check your credit report

Apple account suspended

Another email which regularly does the rounds is the ‘account suspended’ scam.

The victim is told to click on a link which will tell them to complete a validation process, or face their account being suspended. The link will lead to a site which looks like Apple’s official website, but is designed to harvest your details.

What’s even worse is that there are reports of anti-scam investigation software built into the fake site. If you were to enter false data such as ‘scam’ into a field on the form, you’ll be redirected to a Google search for illegal pornography.

Emails claim to be part of a routine ‘security check’ which the victim allegedly failed.   

‘Security notice’

Speaking of security, this phishing email will tell you that your Apple ID has been locked because you logged in from an unrecognised device. The email even lists the date time and/or location of the supposed log-in.

You’re warned that failure to log-in will permanently suspend your Apple services.

Twitter user Kyle Roth takes us through some of the classic warning signs of a scam email. Be vigiliant. 

How to spot a scam Apple email

Apple says: "The iTunes Store will never ask you to provide personal information or sensitive account information (such as passwords or credit card numbers) via email".

Websites that require Apple account information have apple.com, such as http://store.apple.com, or iforgot.apple.com (with the exception being iCloud.com).

Over email, Apple will never ask you for your:

  • Mother's maiden name
  • Full credit card number
  • Card security code

All account-related activity takes place through the iTunes app rather than the browser, so that should be your first clue that something's amiss.

But if you're still not sure, Apple has some tricks up its sleeve to help you protect your accounts:

  • Turn on two-factor authentication for your Apple ID, so that your password alone is not enough to access your account;
  • Learn more about security and your Apple ID. Use a strong password, pay attention to notifications about your Apple ID, and always keep your contact information secure and up to date;
  • Learn how to verify that your browser is securely connected to iCloud.com and other sites. Pay attention to warnings about expired certificates or untrusted connections;
  • Don’t click any link in or reply to an email or text without verifying the sender. Instead, go to the company’s website, find their contact information, and contact them directly about the issue;
  • Don’t click any link or button on a website without making sure that the address (URL) of the the company’s website appears to be correct;
  • Don’t open or save attachments from unknown senders. If you receive an attachment that you weren't expecting, contact the company to verify the contents.

Or if you’ve already received a scam email, use one of these email addresses to report it. These email addresses are monitored by Apple, but just be aware that you might not receive a reply to your report:

  • If you receive what you believe to be a phishing email, send it to reportphishing@apple.com
  • To report spam or other suspicious emails that you receive in your iCloud.com, me.com, or mac.com Inbox, send them to abuse@icloud.com;
  • If you receive a suspicious message about your account activity in the iTunes Store, App Store, or iBooks Store, get in touch with iTunes Support at www.apple.com/support/itunes/store.

If in doubt, check your credit report for anything suspicious. Get a 30-day free trial with loveMONEY today

Comments

Be the first to comment

Do you want to comment on this article? You need to be signed in for this feature

Copyright © lovemoney.com All rights reserved.

 

loveMONEY.com Financial Services Limited is authorised and regulated by the Financial Conduct Authority (FCA) with Firm Reference Number (FRN): 479153.

loveMONEY.com is a company registered in England & Wales (Company Number: 7406028) with its registered address at First Floor Ridgeland House, 15 Carfax, Horsham, West Sussex, RH12 1DY, United Kingdom. loveMONEY.com Limited operates under the trading name of loveMONEY.com Financial Services Limited. We operate as a credit broker for consumer credit and do not lend directly. Our company maintains relationships with various affiliates and lenders, which we may promote within our editorial content in emails and on featured partner pages through affiliate links. Please note, that we may receive commission payments from some of the product and service providers featured on our website. In line with Consumer Duty regulations, we assess our partners to ensure they offer fair value, are transparent, and cater to the needs of all customers, including vulnerable groups. We continuously review our practices to ensure compliance with these standards. While we make every effort to ensure the accuracy and currency of our editorial content, users should independently verify information with their chosen product or service provider. This can be done by reviewing the product landing page information and the terms and conditions associated with the product. If you are uncertain whether a product is suitable, we strongly recommend seeking advice from a regulated independent financial advisor before applying for the products.