With the rise in convenient mobile wallets and payment systems like Apple Pay, there is a big incentive for scammers and compromisers to try and steal money. So how can you avoid these fake Apple Pay messages?
Avoiding scams online means looking at the message carefully for signs of compromise, not following links or opening attachments, not giving out any personal information, and verifying details through other methods.
We’ll go through some common fake and scam messages to see common things to look out for, as well as consider good security practices to avoid falling victim to these sometimes quite sophisticated attempts to rob you.
What Does a Fake Apple Pay Text Message Look Like?
To avoid falling for scams and fake messages, it’s important to go through the major tricks and patterns that these messages fall into.
One of the most common fake messages will claim that you have been overcharged, undercharged, are eligible for a refund, or need to confirm details.
Consider whether all the information in the supposed confirmation email matches your own account details, correctly refers to you by name, and account number, and syncs up with an actual recent purchase you made.
Opening attachments in this situation is a bad idea, as the attachment could be a malicious piece of software that acts like a Trojan horse.
However, if you can preview the attachment, it should show your full address if it is a receipt, and scammers won’t know what this is. So a missing home address or vague information could reflect it being a scam message.
Because these techniques rely on sending out millions of messages and hoping that a few people will respond, they have to be very generic, with openings like, ‘Dear Customer’. In the end, these scams are generally trying to get your Apple ID and password.
Apple won’t need to ask for your Apple ID or password, so if you get prompted to supply this information, it’s likely a scam.
Scammers can learn a lot from social media posts, so be aware of people impersonating friends or family. Just because someone mentions the name of your dog or recent vacation, doesn’t mean they are who they say they are.
Another common fake Apple Pay message tells you that your account has been locked and you need to log in to unlock it, with a link to the unlock page. This link is actually to a fake website that will collect your personal information.
You should be wary of any pop-ups and ads that say your device has a security problem, these are likely to not be official.
From a security standpoint, you are going to be contacted directly via your registered phone number or email if Apple or another company detects an issue. Indeed, Apple is very unlikely to ever call you unsolicited, particularly not for suspicious activity.
The scammers don’t generally always have access to the official email or phone number and so have to resort to pop-ups or advertisements.
Even so, if you receive phone calls, texts, or voicemails that sound like they’re from Apple Support, make sure to check what number it is coming from.
If you think it is a legitimate call or text, search for the official support number and call that instead of any number that you are told to call in the message.
Another common Apple Pay scam is to pretend to be from a big company or even a charity and request money. Be aware of unsolicited requests for money, and try to confirm the legitimacy of the request by contacting that person through other means.
Fake promotions that offer free products and prizes are a way to get your attention.
You should ask yourself why these products would be given out for free if you haven’t applied for them, and you should also check the company’s website to see if they are advertising this offer.
A common tactic that ties in with the fake messages is unwanted calendar invitations and subscriptions, if you notice such calendar events that you did not add or charge for a subscription, contact your bank to get more information in the latter situation.
Be wary of text messages or emails that contain links to external websites or have attachments.
Due to the huge amount of scams that are attempted this way, companies no longer do business like this over text or email, instead, you’ll be asked to log in to your account.
Keep in mind that scammers try to exploit this as well, by giving you a fake link to your account that instead redirects you to a site where they can see your username and password as you type it in.
Always open a new browser window and manually go to the Apple site and log in that way rather than following a link. You can select the link or hover over it with the cursor and see if the link text matches up with the actual URL, if it doesn’t it is 100% a scam.
For example, here I’m apparently linking to https://card.apple.com/ for you to log in, but instead, the website URL is Amazon.com.
Always compare the sender’s email or phone number to the official one, and look for any mismatches including spelling mistakes. While criminals are getting very good at spoofing or making their communications look legitimate if you look carefully it is easy to find an error.
Try and compare communications from previous, legitimate interactions you’ve had with Apple to see if the current font, letterhead, and layout matches to the suspected scam text.
Consider also whether you actually solicited help or the communication has come out of the blue. Be aware that scammers will try to pressure you to act quickly or not read documents by inventing fake crises or by falsely claiming that there is a security issue.
How To Avoid Scams
Scammers are generally looking to get personal information off you, so if you’re ever asked to share tax information, social security or bank details, think again about who it is you’re talking to. If you haven’t reached this person through official channels, it’s likely they’re not legitimate.
Scammers are also trying to cover their tracks, so if they require you to go through convoluted payment processes like sending cash through the mail or paying with gift cards, this cannot be above board and should be ignored and reported.
Once your suspicions have arisen, you should ask yourself why a normal payment is unacceptable to these people.
This is particularly the case if you’re already paying a company like Apple for a service; why can’t they just take the payment out of your saved method?
If you’re worried about Apple Pay transactions, log in separately to your Apple Pay account and check the list of the recent transactions to see if the transaction actually happened.
Finally, if you’re in the least bit suspicious, get a second opinion from someone else. For example, you could go to an Apple store and show them, or even a family member or friend who is into technology will be able to quickly tell whether it is a real communication or not.