A lot of you are receiving an alarming email, alerting you to an App Store purchase you didn’t make. This is the Apple App Store Purchase Scam, and you should review this, so that you don’t fall victim to it.

Scam Details

It starts with an email:

Apple App Store Purchase Scam

The email’s intent is to worry you into cancelling or disputing a purchase you didn’t authorize. It’s completely false — no purchase has occurred, and your AppleID has not been used. The email address is spoofed and you can’t write back to the sender. But, there is an attachment that looks like a bill. And inside the attachment is:

You should never open attachments from unexpected emails, but I did to show you this. More concocted details about a purchase that never happened, but the sender wants you to believe that you’ll be charged for this item. You should never click the links in such an attachment, but here’s what you would see, if you were tricked into doing so:

At least this is what I saw. Thank you, Google Chrome, for looking out for me. Not all browsers post this when you visit a phishing site, and this is why I push most people to use Chrome. If your browser doesn’t show this warning, then the scammer’s invoice links will take you to:

Apple? No, but it is a very convincing copy of Apple’s website. So convincing that I worry that some people will type their email and Apple password into it. But that would be the worst thing to do. Anyone who types their info into this phishing website will be handing their password over to criminals.

And how bad will that be? Once a thief captures your email address and Apple password, they will log into your iCloud account from their location and try any or all of the following:

  1. Change the password to lock you out of your account and devices.
  2. Go through your address book and contact everyone with spam or scams.
  3. Look through your photos and videos for blackmail material.
  4. Use your account on their devices to make purchases.
  5. Access your Apple email account to reset passwords for other dependent accounts (Facebook, Amazon, etc.).

How to Respond

If you receive this sort of scam email, just DELETE IT*. Don’t click on the links or attachments! You might also mark it as Spam, if your email/app/device offers that option.

If you’ve fallen for the Apple App Store Purchase Scam or know anyone who did, please seek to reset the AppleID password ASAP! Changing the AppleID password would lock the criminal out of the account and stop them from causing further damage. Also reach out to Apple Support or yours truly for any follow-up help.

* If you want to go the extra mile and report this type of scam, Apple welcomes you to forward the message to reportphishing@apple.com . Then delete the phishing email!