You may have been scammed after you responded to an e-mail that appears it came from Apple. When hackers send e-mails that appear to come from a legitimate company like Apple (or Google, Microsoft, PayPal, etc.), with the objective of tricking the recipient into typing in passwords, usernames, credit card information and other sensitive data, this is called phishing.
Many phishing scams are in circulation, including the Apple one. Hackers know that tons of people have Apple accounts. So if they robotically send 10,000 phishing e-mails to random e-mail addresses, they know that they’ll reach a lot of Apple account holders. And in any given group of people, there will always be those who fall for the scam. Not me, though. Recently I received the following scam e-mail:
Your Apple ID was used to buy a iOS App “TomTom Canada” from the App Store on a computer or device that had not previously been associated with your Apple ID.
Order total: $ CAD 44.99
If you initiated this download, you can disregard this email. It was only sent to alert you in case you did not initiate the download yourself.
If you have not authorize this charge, Click here to login as soon as possible to cancel the payment!
When the payment will be canceled you will get a full refund.
Sincerely,
Apple Support
apple.com/support
A tip-off that this is fraudulent is the typos: “used to buy a iOS App…” (Hopefully you can spot the typo right away.) Another typo: “If you have not authorize this charge…”
A legitimate e-mail from a reputable company will not have typos or mistakes in English usage. And it’s unlikely it will have exclamation points, especially after words like “payment.” This e-mail really reeks of rotten phish.
Another red flag is that when you hover over the link, you get an unintelligible URL, or one that’s simple not Apple.com
Forward Apple phishing links including their headers to This email address is being protected from spambots. You need JavaScript enabled to view it..
Unfortunately, many people are ruled by shot-gun emotional reactions and promptly click links inside e-mails. Once they’re taken to a phony website, most are already sucked in too deep to recognize they’re about to be scammed.
Additional Information for Apple Account Holders
- Go to Apple ID: Security and your Apple ID to learn about Apple’s best practices.
You can quickly change your password at Apple ID.
Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.