Receiving security alerts can send you into a panic — and that’s what cybercriminals are relying on.
In the latest wave of scams targeting Apple customers, iPhone users receive a text instructing them to authorize a payment or contact a fraudulent support line if it is not authorized, lest they be debited the amount charged.
According to Mac Observer, these messages may say something like, “Apple Alert: We’ve detected a suspicious purchase of $412.38 made with your Apple ID at the App Store.”
Another reads, “Apple Approval Notice: Your iCloud ID was used at ‘APPLE STORE – CA’ for $143.95, paid via Apple Pay Pre Authorization. We’ve also detected suspicious sign-in and Apple Pay activation requests. To keep your account secure, we’ve placed these requests on hold. If this wasn’t you, contact an Apple Representative immediately to prevent auto-debit charges. Call now to cancel.”
“These messages create urgency, making you feel like your account is in danger,” Mac Observer explained.
“They use phrases like ‘suspicious activity’ and ‘unauthorized purchase’ to push you into acting quickly.”
The malicious actor will try to get you to call the legitimate-looking phone number listed in the message. When dialed, the number calls a fake Apple support agent who will attempt to trick you into handing over sensitive and personal information or allow them to remotely access your phone.
“Once they have access, they can install spyware, steal passwords and access your bank accounts while pretending to help you fix a security problem,” Mac Observer reported.
If you receive a message like this, expert sources recommend avoiding interaction with the sender and not clicking links.
To confirm whether unauthorized purchases were made or account security has been breached, the safest way to do so is to check directly with your bank or account. Phishing emails and texts can also be marked as spam and deleted.
There are a few ways to verify if an email or text are actually from Apple.
According to Mac Reports, Apple will always address customers by name, not “Dear Customer” or “Dear Client,” but cybercriminals still may have access to your name. Apple emails also come from “@apple.com” addresses and Apple ID alerts will come from [email protected], the outlet reported.
While email addresses can be spoofed, other telltale signs of a scam include misspellings in the message or the senders asking for personal information over email or text. Experts recommend hovering over links before clicking and remind Apple users that the company will not call customers first unless the customer requests it.
“Remember, Apple never contacts you unsolicited via text, email, or phone,” Mac Observer wrote.
“If you get such a message, it’s a scam. Always verify issues directly with Apple through their official channels.”