Apple ‘Subscription Confirmation’ Phishing Scam

Uploaded on 2019-02-20 in GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

In a wave of fake email messages to users Apple apparently claims that your due payment has been scheduled. It includes an attached PDF that supposedly contains information about the payment.

Opening the attachment reveals what appears to be a subscription confirmation receipt from Apple.  The receipt supposedly confirms that you have purchased a subscription for a popular music app and Apple will charge you an ongoing monthly fee.

The receipt explains that if you didn’t order the subscription or you think an unauthorised person has accessed your account, you should click a “cancel” link.

However, Apple did not send the email. Instead, it is a phishing scam designed to trick you into handing over your personal information to online criminals.

Clicking the link opens a fraudulent website that has been built to emulate the official Apple site. The fake webpage first asks you to log in with your Apple ID. Next, it asks you to complete a ‘Cancel Subscription” form. The form requests your name and contact details, your credit card numbers, and other identifying information.

After you submit the form, the site redirects you to the real Apple website. Meanwhile, the criminals can collect the information you supplied and use it to hijack your Apple account, conduct fraudulent transactions with your credit card, and, possibly, steal your identity as well.

Phishing scams like this one are very common. If you receive one, do not click any links or open any attachments that it contains. The Apple website includes information about identifying and reporting these phishing emails.

Hoax Slayer: 

You Might Also Read: 

Going Postal: ‘We Have Sent You a Message’:

« New Zealand Business Has Increased Cybersecurity Spending, Not Expertise
Trump Wants US Government To Prioritise AI »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BMC Software

BMC Software

BMC provide solutions for IT service management, Cloud management, IT workload automation, IT operations, and mainframe system management.

Secure Thingz

Secure Thingz

Secure Thingz focus on developing and delivering advanced security solutions into the emerging Industrial Internet of Things (IIoT) and Critical Infrastructure markets.

tietoevry

tietoevry

Tietoevry creates digital advantage for businesses and society. We are a leading digital services and software company with local presence and global capabilities.

Cybraics

Cybraics

Cybraics nLighten platform implements a unique and sophisticated artificial intelligence engine that rapidly learns your environment and alerts security teams to threats and vulnerabilities.

XLAB

XLAB

XLAB is an R&D company with a strong research background in the fields of distributed systems, cloud computing, security and dependability of systems.

CyCraft Technology Corp

CyCraft Technology Corp

CyCraft is an AI company that forges the future of cybersecurity resilience through autonomous systems and human-AI collaboration.

Keyless Technologies

Keyless Technologies

Simple, secure, and interoperable authentication. Keyless offers unmatched security, privacy and usability, while reducing risk and infrastructure costs.

Cipher

Cipher

Founded in 2000, Cipher is a global cybersecurity company that delivers a wide range of Managed Security Services.

Valarian

Valarian

Valarian (formerly Worldr) is on a mission to build cutting-edge solutions that empower borderless collaboration in the new era of digital sovereignty.

BlueAlly

BlueAlly

BlueAlly helps clients scale, optimize, and manage their IT resources to reach their business goals.

Seccuri

Seccuri

Seccuri is a unique global cybersecurity talent tech platform. Use our specialized AI algorithm to grow and improve the cybersecurity workforce.

Emtec

Emtec

Emtec’s cyber security team provides advisory, assessment, & managed security services that help you build the cyber security policies, toolsets & best practices to elevate your cyber security posture

Match Systems

Match Systems

Match Systems provides blockchain investigations, KYC, KYT, AML, Due Diligence and compliance services.

Heron Technology

Heron Technology

Heron Technology are a technology solutions consultancy with core competencies in the areas of Cyber Security and Digital Aviation.

TraitWare

TraitWare

The TraitWare mission is to increase user and company security while simplifying access to digital and physical resources through the elimination of the need for usernames and passwords.

DataKrypto

DataKrypto

DataKrypto’s advanced data encryption solutions protect data throughout its lifecycle.