So, today was going fine, until I got a Apple Store phishing email. I opened the mail in Windows 10 Mail, which I use for my Apple ID. To my shock, the mail said my Apple account had been used to make a purchase worth $370.
Of course I hadn’t done that. So, here’s how to tell it’s a fake mail.
First of all, DO NOT CLICK on any links in such mails.
I noticed that the sender of the mail was not Apple, but a personal email address registered to Apple. The email address was “firstname.lastname@example.org”, and the mail was an invoice for a DJI-SPARK by Fly Drone purchase.
This Apple Store phishing email claimed that the purchase was made at an Apple Store, using an iPhone. I don’t have an iPhone, and neither have I used one (Android user since 2010). I do have an Apple iPad 2017, but since I have 2-step verification enabled for my mobile number, any login attempt needs either my approval from the iPad or a verification sent to my phone number.
What surprised me the most, was the fact that nobody knows that this email address, is the one I use with my Apple ID.
The name on the order was a random one, Bradley T. North, and the address was somewhere in Wyoming. The zip code howeve,r points to Nutriosa (which appears to be some no-man’s land) in Arizona.
I know how phsishing scams work, when I click the URL, it will no doubt take me to a page where I will be asked to enter my Apple ID and password, which will result in chaos. So, I avoided that.
The scammers use of the English language was highlighted by the following sentences:
The order update will automatically shipped to you no longer than 24 hours
To cancel this order or manage your order details, Verify your billing
Then follow the instuctions to cancel this order.
And to finish off the phishing scam, the email was signed with the words:
Well, that is a heartfelt receipt if I have ever seen one.
I have forwarded the Apple Store phishing email to email@example.com. Follow these steps given at the Apple support portal.
Though I am certain that this was just a phishing attempt, as a precaution I have changed my password, and removed my cards from the Apple payment system (for now).