Fifty bucks is a lot of money, so I understand why a 76-year-old woman from Upper Macungie Township became concerned when she got an email confirming she paid that amount for a video game on her iPhone.
The email, which said it was from iCloud, offered her a link to cancel the purchase if she hadn’t authorized it. She jumped at that chance, but quickly wished she hadn’t.
The link took her to a website that asked her to enter her name, Apple ID username and password, address, birth date, Social Security number and credit card number. She dutifully typed it all in and submitted it. Only then did she wonder if she had been ripped off.
“As soon as I did that I thought, ‘Oh, what did you do?’” she told me.
The woman, who asked that I not identify her so she isn’t targeted with more scams, said she took the email to the Apple Store in Whitehall Township, where employees confirmed she had been deceived.
“This is a lesson learned the hard way,” she told me. “Apple said even though it looks official, iCloud would never send you a bill. It would come from iTunes with the Apple logo.”
She scrambled to minimize the damage, canceling her credit card and putting a fraud alert on her credit reports. She had to change her Apple ID log-in information, and she notified her bank as a precaution even though her bank account information wasn’t requested on the form.
“It’s created quite a bit of trouble for me,” she said.
She also contacted me, so I would warn others about the scam.
“I don’t want anybody else falling for it,” she said.
Apple did not return my call, but the Better Business Bureau told me it is familiar with this scheme.
Some people have received a phony receipt for a new iPhone 8 in their email accounts, said Kelsey Coleman, spokeswoman for the BBB for eastern Pennsylvania. The large purchase amount apparently is meant to lure some to click the cancellation link.
Other variations of this scam that targeted a few of my co-workers involved fake email invoices for buying extra storage space or an iTunes membership.
The email that duped the Upper Macungie woman had clues that it wasn’t legitimate. While the “from” line said it was from iCloud, the email address it was sent from wasn’t an iCloud address, or even one from iTunes or Apple.
There also was awkward grammar in the subject line, which read: “Apple Purchase Successfully Payment Confirmation Clash of Clans, Box of Gems.”
This isn’t the first time I’ve seen this type of fraud. In June, I wrote about a Bucks County woman who received a deceptive email that impersonated PayPal. It also offered her an opportunity to cancel a purchase she supposedly had made. She tried it, but luckily for her, the link failed and she wasn’t prompted to enter any information.
If you get a purchase confirmation email that you weren’t expecting, don’t panic. Take a close look at it. Don’t click on any links or attachments. Rather, check it out through other resources, such as looking at your iTunes account or whatever account is referenced. Check your credit card or bank account to see if there is a record of the purchase there.
If you’re certain you didn’t make the purchase, delete the message, making sure not to click on any links or attachments.
If your payment records indicate you made the purchase, but you really didn’t and it was made by someone using your stolen information, contact the merchant and dispute the charge. You may have to dispute it with your credit card or bank, too.
When considering emails such as this one, take a close look at the greeting. If it is generic, such as “Dear customer,” it may be fraud because most legitimate companies you do business with will address you by name in their official correspondence.
ICloud users should be on the lookout for another scam as well, this one coming by phone.
Con artists are calling people across the United States and Canada, claiming their iCloud accounts have been hacked, according to a recent BBB warning. The callers are persistent, with some people receiving 10 or more calls a day. The calls may display “Apple Inc.” or the name of your local Apple Store on your caller ID.
The calls are robocalls that claim to be from Apple Support and inform you that your iCloud account was hacked. You’re asked to stay on the line and speak to a “technician.”
If you stay on the line, the “technician” will ask for remote access to your computer to fix your account, according to the BBB. That can expose you to identity theft by giving them an opportunity to install malware that records passwords or hunts for information on your computer such as bank account numbers.