Fake Apple Invoice Emails Are Designed to Steal Your Personal Information

Last updated: July 26, 2017

Scammers continue to target Apple customers via fake Apple Store invoice emails. The emails include the Apple logo and are designed to look like genuine Apple purchase notifications. But the purchases listed on these invoices are not real.  

In fact, the emails are phishing scams designed to steal your personal and financial information.

An  example of the scam email:
Apple Cancel Invoice Scam

Emails Include  Fake Cancel Payment Links

The fake invoice emails list  an item that they claim you have recently purchased, along with the purchase price, invoice date, order number, and other made up details. They  also include a “payment cancellation” statement  such as this:

If you did not authorize this purchase, please visit iTunes Payment Cancellation

It is this link that is the primary hook in these phishing scam  attacks. The scammers know that at least a few, less tech savvy, Apple customers will likely click the link in the hope of cancelling what they  believe is a fraudulent transaction that has been made via their account.

Cancel Payment Links Open Fake Apple Website

If they do fall for the ruse and click the cancellation link, they will be taken to a fake Apple website that asks for their Apple ID and password. Once they have supplied their sign in credentials, a fake “cancellation  form” will load in their browser.

Again, the page the form is on will include  the Apple logo and appear to be a genuine Apple page. The form will ask for name, address, phone numbers, and other identifying information. It will also ask for credit card numbers, ostensibly so that the supposed payment can be reversed. At the end of the process, victims may be informed that the payment  has been cancelled and their account has been secured.

Criminals Can Use Stolen Data For Fraud and Identity Theft

But, criminals can now collect the information that their victims supplied and  use it to take control of the compromised Apple accounts.  They can use the hijacked account to make fraudulent purchases and send spam and scam messages.  And, they can use the stolen credit card details to commit further fraudulent transactions. They may also attempt to steal the identities of their victims if the have been able to gather enough of their  personal and financial information.

Fake Invoice Emails a Common Criminal  Ploy

Fake invoice phishing attacks like this are very common.  They continually target customers of many high profile companies and service providers around the world.  If you receive  an invoice for an item or service that you have never purchased and have no knowledge of, do not click any links or open any attachments in the message.

Instead, log in by entering the address into your browser’s address bar or via an official  app.  If the  purchase described in the message is real, there will be details about it inside your account.

Report Apple Scam Messages

The Apple support website includes information about identifying and reporting scam emails.

Original Source : https://www.hoax-slayer.net/fake-apple-invoice-emails-are-designed-to-steal-your-personal-information/