Apple Warns About Convincing App Store Scam Emails That Steal Your Credit Cards
Apple is warning against a new wave of phishing attacks targeting iOS and macOS customers. The latest campaign sends app subscription renewal emails to Apple users, informing them their free trial is going to end after which their cards will be charged.
Carrying a "cancel subscription" link, the campaign depends on user urgency to get out of this and click on that cancel button. 9to5mac spotted an email that was sent about a YouTube Red subscription with a 1-month free trial and subsequent $144.99 per month renewal rate. The goal appears to be to trick people into clicking on the cancel link.
Apple warns against sharing your personal data
Clicking on that link, however, takes you to a page where you are asked to give up your Apple ID login information along with credit card details. Since this particular campaign has picked up a lot, a number of different criminal groups appear to be behind it, which means not everyone will see the same email format or asked about the same details.
But, it should be noted that Apple never requests this information through an email. The company has recently posted a new warning to stay safe from these legit-looking emails coming from App Store or iTunes Store.
Scammers often try to trick you into sharing personal or financial information by sending you messages or links to websites that might look like they’re from Apple, but their actual purpose is to steal your account information. Some phishing emails will ask you to click on a link to update your account information. Others might look like a receipt for a purchase in the App Store, iTunes Store, iBooks Store or for Apple Music, that you’re certain you didn’t make.
The iPhone maker reiterates here that "emails about your App Store, iTunes Store, iBooks Store, or Apple Music purchases will never ask you to provide this information over email:"
- Social Security Number
- Mother’s maiden name
- Full credit card number
- Credit card CCV code
Apple has added that users who believe they have been affected should contact the company at "email@example.com" to report Apple phishing scams and forward any suspicious emails. The company also advised that if you entered any personal information, change your Apple ID password immediately.