Me: *Minding my own business, getting my work done*

No one:

Absolutely no one:

Scammer: “Your Apple ID has been used to purchase …” 

Me: WHAT?!



Thank you for your Purchase

Ah, yes. Once again, we have an Apple scam on our hands. This finding is courtesy of one of my co-workers who happened to receive the email scam.

The “email from Apple” is in regard to a recent purchase made using her Apple ID on a device that is not recognized on the account. 

Luckily, working at a cyber security firm, I was excited to take a look at the new ploy. The email she received is pictured below.



How the Scam Works

All in all, the goal of the scheme is to send the receiver into a bit of a panic. This is due to the “unauthorized purchases” made on their account. In order to stop the purchase, they need to download the receipt. This then gives the attacker a few options. 

One, the downloadable file contains some type of malware that allows them into your device. Or, the download contains a link to a fraudulent website where you would enter your information. Thus giving the attacker access to your Apple ID account. 


Fraudulent Giveaway Indicators

At first glance, the email doesn’t appear to be a dead give away of a scam. But, when I took a closer look at things, small errors and other findings indicated that this was indeed a fraudulent email. 

Pictured below once again is the scammer email. But, this time, I highlighted all of the errors and giveaways I spotted that blew their cover. 



To begin, let’s break down the highlighted areas of concern.The overall issue with this email is that it contains many mistakes that a giant company like Apple would not be making. 

Let’s take a look at the areas of concern.


The Review

To start things off, the email address from “Apple” is a long scramble of words. Apple would never have an email address that looked like that. The email address used in the picture above doesn’t even say Apple in it. 

Next, the subject of the email is quite random and messy indicating it was not an official type of document. Companies of Apple’s size have a uniform procedure for emails. This includes subject and message body layouts to ensure uniformity across the board. 

Following the subject line, several grammar, spelling and punctuation errors dominate the message. The customer is not addressed by name, commas are all over the place, and iPhone isn’t even capitalized correctly. 

To round out the email, it prompts the receiver to download the document for immediate action, this is a red flag. As well as acting as though Apple ID is an acting entity of Apple thus signing that title at the end of the email. Apple ID is a feature, not a working body of Apple. 


Will the real Apple Support email please stand up?

All in all, the lesson here is to make sure you double check your emails from any company that require a download or any other type of immediate action. If your account is in actual danger, a company is not going to wait for you to read an email in order to stop the problem. 

The breakdown above goes to show that an extra few minutes of rereading an email can really make the difference when it comes to scams. Because at first glance, the email didn’t look too bad. But as we could see above, it was actually pretty terrible. 

If you are ever in need of true Apple support or have questions about your account, this link will take you to Apple’s support page. Also, you can always directly login to your account to view activity and purchase history. It’s better to be safe than sorry when it comes to your account and device security!


By Taylor Ritchey