Apple ‘Subscription Confirmation’ Phishing Scam

Uploaded on 2019-02-20 in GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

In a wave of fake email messages to users Apple apparently claims that your due payment has been scheduled. It includes an attached PDF that supposedly contains information about the payment.

Opening the attachment reveals what appears to be a subscription confirmation receipt from Apple.  The receipt supposedly confirms that you have purchased a subscription for a popular music app and Apple will charge you an ongoing monthly fee.

The receipt explains that if you didn’t order the subscription or you think an unauthorised person has accessed your account, you should click a “cancel” link.

However, Apple did not send the email. Instead, it is a phishing scam designed to trick you into handing over your personal information to online criminals.

Clicking the link opens a fraudulent website that has been built to emulate the official Apple site. The fake webpage first asks you to log in with your Apple ID. Next, it asks you to complete a ‘Cancel Subscription” form. The form requests your name and contact details, your credit card numbers, and other identifying information.

After you submit the form, the site redirects you to the real Apple website. Meanwhile, the criminals can collect the information you supplied and use it to hijack your Apple account, conduct fraudulent transactions with your credit card, and, possibly, steal your identity as well.

Phishing scams like this one are very common. If you receive one, do not click any links or open any attachments that it contains. The Apple website includes information about identifying and reporting these phishing emails.

Hoax Slayer: 

You Might Also Read: 

Going Postal: ‘We Have Sent You a Message’:

« New Zealand Business Has Increased Cybersecurity Spending, Not Expertise
Trump Wants US Government To Prioritise AI »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

The Josef Group (TJG)

The Josef Group (TJG)

The Josef Group Inc. is a certified woman-owned permanent staffing agency specializing in Information Technology, Engineering, and US Government "cleared" IT candidates.

GlobalPlatform

GlobalPlatform

GlobalPlatform’s specifications are highly regarded as the international standard for enabling digital services and devices to be trusted and securely managed throughout their lifecycle.

EUROCONTROL

EUROCONTROL

EUROCONTROL is a pan-European, civil-military organisation dedicated to supporting European aviation. We help our stakeholders protect themselves against cyber threats.

Cycode

Cycode

Cycode is the industry’s first source code control, detection, and response platform.

Plexal

Plexal

Plexal is East London's innovation centre and co-working space. We offer startups flexible memberships, giving them access to office space plus all the benefits and support they need to scale.

Global EPIC

Global EPIC

Global EPIC is an international cybersecurity initiative designed to combat growing world challenges by facilitating global collaboration in the field of cyber security.

Vortiv

Vortiv

Vortiv Ltd (formerly known as Transaction Solutions International Ltd) is a technology based company focused on the cybersecurity and the cloud services sector.

Perch Security

Perch Security

Perch is a co-managed threat detection and response platform backed by an in-house Security Operations Center (SOC).

Emagined Security

Emagined Security

Emagined Security is a leading provider of professional services for Information Security and Compliance solutions.

ITProTV

ITProTV

ITProTV is part of the ACI Learning family of companies providing Audit, Cyber, and IT learning solutions for enterprise and consumer markets.

NetBlocks

NetBlocks

NetBlocks is a global internet monitor working at the intersection of digital rights, cyber-security and internet governance.

CypherEye

CypherEye

CypherEye is a next generation trust platform that advances the current state of Multi-factor Authentication (MFA) to enable highly secure, private and auditable cyber-transactions.

SkillsDA

SkillsDA

SkillsDA is pureplay company in cyber security involved in capacity building towards National Security.

Orbis Cyber Security

Orbis Cyber Security

Orbis is one of the leading cybersecurity company in USA. Our cybersecurity specialist defends your data, combat threat, and modernize your compliance.

ABPGroup

ABPGroup

ABPGroup is Asia’s leading cybersecurity technology provider focusing on providing best-of-breed solutions that address today’s pressing challenges.

DOT Security

DOT Security

DOT Security provides advanced security services for businesses of all sizes.