Please do not click any links in emails purporting to be from a company unless you are 100% sure that it is actually form them. I’ve been receiving these emails for a while now and on first glance they do look pretty convincing. This Apple ID scam email is coming more frequently and sadly some may have already fallen for this type of phishing.
It immediately makes you think that someone has hacked your account and is buying things using your Apple ID, and before you take a second to stop and double check the sender details of the email you may find yourself reaching to click the link in the email if you want to “cancel pending transaction”.
It is a scam … no-one has hacked your account but you can be sure that if you click that link and login your account WILL be hacked in the future!
So what does the email look like?
Your Apple Email ID, was just used to purchase “Secrets of the Inside / What a Wonderful Valley” by Chris Brown from the iTunes Store on a computer or device that had not previously been associated with that Apple ID.
If you made this purchase, you can disregard this email. It was only sent to alert you in case you did not make the purchase yourself.
If you did not make this purchase, we recommend that you go to http://apple.com/support/cancel_pending_transaction to cancel the transaction, Confirm that you’re the owner of the account and then follow the instructions.
NEVER, NEVER, NEVER click the link in an email like this – I removed the link and bolded it above to show you how convincing this email is.
If you need to access your Apple ID account, go directly to iTunes rather than ever clicking a dodgy looking (or in this case convincing looking) link.
Here is the info from Apple regarding identifying legitimate emails from the iTunes store;
Email messages that contain attachments or links to non-Apple websites are from sources other than Apple, although they may appear to be from the iTunes Store. Most often, these attachments are malicious and should not be opened. You should never enter your Apple account information on any non-Apple website. Apple websites that require Account information have apple.com, such as http://store.apple.com, or iforgot.apple.com (with the exception being iCloud.com).
This article describes what steps you should take if you feel you’ve received one of these malicious emails or your account information has been compromised due to an attempt to take your personal information (known as “phishing”).
What the iTunes Store will never ask you to provide via email:
- Social Security Number
- Mother’s maiden name
- Full credit card number
- Credit card CCV code
“Phishers” create elaborate websites that look similar to iTunes, but their sole purpose is to collect your account information. Often, a fake email will ask you to click on a link and visit one of these phishing websites to “update your account information.”
In general, all account-related activities will take place in the iTunes application directly, not through a web browser. If you are asked to update your account information, make sure that you do so only in iTunes or on a legitimate page on Apple.com, such as the online Apple Store.
If you have received a suspicious email, please notify iTunes Customer Support by visiting our website:www.apple.com/support/itunes/store.
- For tips on protecting the security of your iTunes Store account, see iTunes Store: Best practices for protecting the security of your account.
- For more tips on recognizing Phishing emails, see Identifying fraudulent “phishing” email.
- For information on how to recognize a secure website in Safari, see Safari: Using encryption and secure connections.
Please share this article so that everyone is aware of this new Apple ID scam email