I just received a text message as an [Apple Security Alert] stating,
we have noticed that your Apple id was used at “APPLE STORE” for $143.95, paid by Apple Pay Pre Authorization.
This appears to be a phishing scam?
[Edited by Moderator]
iPhone 13, iOS 17
phishing That's not an Apple telephone number.
Fraudsters are getting very good at imitating Apple messages and sometimes the only indication in an email is very subtle. Have a look at this thread. https://discussions.apple.com/thread/255639814 It can be very hard to tell from an email alone if it is authentic. The best way to check is to use an independent way through Apple's own resources to confirm what the communication claims. Scams (e-mail, text messages, and phone calls) are getting very good at closely imitating true Apple communications. Always be cautious. These support articles have some guidelines:
About identifying legitimate emails from the App Store and iTunes Store --> Identify legitimate emails from the App Store or iTunes Store - Apple Support
Recognize and avoid social engineering schemes including phishing messages, phony support calls, and other scams - Recognize and avoid social engineering schemes including phishing messages, phony support calls, and other scams - Apple Support
Avoid scams when you use Apple Cash --> Avoid scams when you use Apple Cash - Apple Support
About Gift Card Scams --> About Gift Card Scams - Official Apple Support
If you are uncertain about a message and a resource provided in that message, do not click on any links in the message. Try to use an Apple resource you know is valid to independently verify what the message is claiming. Go to a support article page on apple.com and use the instructions in the article to verify though Apple itself, or use an Apple device feature such as Settings or an Apple app. To ask Apple start at this web page: Official Apple Support
- Apple e-mails address you by your real name, not something like "Dear Customer", "Dear Client", or an e-mail address* However, having your actual name is not proof this isn’t phishing. Compromised databases may have your name and address in them.
- Apple e-mails originate from @apple.com or @itunes.com but it is possible to spoof a sender address. "Apple email related to your Apple ID account always comes from appleid@id.apple.com." - About your Apple ID email addresses - Apple Support
- Set your email to display Show Headers or Show Original to view Received From. Apple emails originate from IP addresses starting with "17.".
- Mouse-over links to see if they direct to real Apple web sites. Do not click on them as this just tells the spammer they have a working e-mail address in their database. If you are unsure, contact Apple using a link from the Apple.com web site, not one in an email.
- Phishing emails may include account suspension or similar threats in order to panic you into clicking on a link without thinking. They may report a fake purchase in order to infuriate you into rashly clicking on a false link to report a problem. March 2018 post by Niel There was a fraudulent order on my apple … - Apple Community - "Emails saying that your Apple ID has been locked or disabled are always phishing. If one actually gets disabled, its owner will be told when they try logging into it instead of through email."
- Apple will not ask for personal information in an e-mail and never for a social security number.
- Scams may have bad grammar or spelling mistakes.
- Apple will not phone you unless it is in response to a request from you to have them call you.
* Exception: I got email saying my ID is expired! Does… - Apple Community
Forward email attempts as an attachment (in MacOS Mail use the paperclip icon) to: reportphishing@apple.com then delete it.
If this is with regard to a supposed purchase, this Apple article has relevant information and web links for checking if you really have made a purchase or paid for a subscription: If you see ‘itunes.com/bill‘ or an unfamiliar charge on your bank, credit card, or debit statement - Purchases made under Family Sharing might be charged to the organizer's card but will not appear under the organizer's purchase history or subscriptions. Ask family members about those or check your receipts. --> If you see 'apple.com/bill' on your billing statement - Apple Support Apple will email a receipt to the Family Organizer if a purchase is made on a card held by the Family Organizer. This will have the Apple ID of the purchaser, which you should recognize, but won't have specific about what was purchased.
“Don't answer suspicious phone calls or messages claiming to be from Apple. Instead, contact Apple directly through our official support channels.”
”To report a suspicious SMS text message that looks like it's supposed to be from Apple, take a screenshot of the message and email the screenshot to reportphishing@apple.com.”
You can report phishing at these links and most importantly your local law enforcement.
Learn about how not to be a victim of Social Engineering.
Hello~ This is a well known scam. Posting the scammer’s information here doesn’t help either as it only perpetuates the scam. Click on below…
~Katana-San~
Kriistiina89 wrote:
I've of course Deleted and reported Junk but i have NEVER got anything like this BF.. I get a lot of fake auto e-transfers from …
PS: Given the fake transfers, shut off automatic acceptance of Apple Cash payments, too. That’ll entirely block another whole class of scams you probably haven’t seen yet.
Scams? The scammers will send you a cash payment from a compromised payment card, and will request or demand some or all of that payment back. The payment card provider will eventually claw back the fraudulent payment, and you’ll be out whatever you sent to the scammers.
Shutting off the default auto-acceptance feature in Apple Cash means they can’t even start that scam.
You can manually accept payments from those you do expect to be sending Apple Cash to you.
TiredOfDishonestApple wrote:
This is the text message I received yesterday from 1-8******6:
Your Apple ID was used to make a $155.90 purchase at the Apple Store via Apple Pay . If you didn't authorize this, call Apple Support at (88******43
Oh, wow, I think you get the daily prize for posting the highest bogus "bill" from this particular phishing spam campaign. 🤪😉
This is one of many common scams.
Here are some few of the many scams: Recognize and avoid social engineering schemes including phishing ...
The "pervert" sextortion spam scam is another and recently popular scam — no, they don't have the videos and images they claim to have — and that scam is discussed around here, and elsewhere on the 'net.
My daughter got the exact same message, amounts and all. This is obviously a phishing attempt. Do not call them. Rather, scroll down to the bottom of the message and click: "report junk," and then click on "Delete and Report Junk" so these criminal can be stopped in their tracks.
try2guess wrote:
I looked up the number that was left for me to call back – 855–775–****–support.apple.com/billing in the amount one 143.95. I turned off my phone setting to not show my Caller ID and when I called that number it rang about 10 times and then a male answered with “Apple Support” and the line was very noisy. I just said sorry I called the wrong number and hung up so I never did click on the link or anything because I have become super suspicious of emails like this.
It's a scam. Delete it and move on.
Hello~ Posting the scammers credentials here only perpetuates their scam. Delete it and move on. Click on below…
~Katana-San~
kreg56 wrote:
Got the same message exactly with the same amount but only on the iPad and not on the iPhone, I usually reply (on iPhone) that I am calling police before deleting and reporting and it usually stops the scammers.
That may well be flooding completely innocent bystanders though, as a classic harassment tactic involves spamming ~everybody with email or with calls, spoofing the source from the victim’s address or number, causing both automated responses to be aimed at the innocent victim, and mixed with irate responses.
One of my email addresses was once used for a email spam run, which showed there are a lot of badly configured email servers. I was getting bounces from misconfigured mail servers and a mix of irate replies for several days, and with the traffic overwhelming the local mail server processing the responses near the peak of the spam run. All that server was doing was running mail, during the worst of it.
Or, yeah, responding informs the spammer that the email or the number works, and is willing to engage. Which makes the contact info more valuable to sell to other spammers.
Put differently, please don’t add to the mess.
I just received the same alert.
I total ignored it.
By looking at the 1-808 number to call its a scam. Apples contact numbers are 1-800 not 1-808-
Do not respond to the text for them to know it’s a working number.
click report as scam and block.
Uterpio26 wrote:
I just got the same text message with the same amount and said if not my charge to call 8**-***-***. Very glad to see others have received the same so i know it is a scam.
Scams are automated, with programs used to send out these mail messages and these text messages.
Probably billions of these messages, each day.
Programs that can receive and process replies made to these various scam.campaigns, too.
While there is nothing personal about anyone sending out hundreds of thousands and millions of scam messages, some of these scams are better than others, and some are more personalized than others. The AT&T scams are quite well done, for instance.
With each data leak and with the people correlating and collating that leaked data, the ability to better personalize these scams improves, too.
Some small percentage of people will fall for these scams, and that means the rest of us keep getting spammed.
And yes, re-posting the scammers’ contact info can have two bad results: the scammers get more contacts, and a legitimate subscriber for the compromised number can get barraged with calls. Or the included number or the email might not be compromised. Some scammers will send out mail messages or text messages with somebody else’s contact info too, all intended to get thousands of irate replies aimed at the target of the spam campaign, somebody the scammer wants to harass.
I just got the same text from a strange email address: When I called the 802 number, the guy on the phone said the 143.95 charge was going to a dark website — basically causing panic. He then told me to download the Connectwise Control app — that has a really poor user rating and he would walk me through the steps on how to remove hen hacks. Regardless I’m letting my credit union know to be on the look pit for any charges out of state. I didn’t give the guy a lot of information.
iHolly43 wrote:
I too just received this text on 1/15/25:
Your Apple ID was used to make a $155.90 purchase at the Apple Store via Apple Pay . If you didn't authorize this, call Apple Support at +1 (8*8) **9 ***2
Upon copying & pasting the text here and noticing the typo of the space after Pay before the period tells me everything I need to know that this is a bs scam.
[Edited by Moderator]
Yeah, there’s the “pervert” and other sextortion scams, the “(3) viruses detected!” scams, the so-called “pig butchering” and other romance scams, your “arrested” relative needs help making bail, incessant barrages of two factor code account take-over scams, endemic counterfeit devices on offer, and all sorts of bogus bills.
Reddit has an endless supply of example scams: https://reddit.com/r/scams
Welcome to 2025.
PS: Apple recently renamed Apple ID to Apple Account, so there’ll be a brief fleeting moment when the Apple scams are really easy to pick out. Until the scammers catch up with the new name.
As stated above and in other replies in this thread, scam.
Messages listing an unauthorized purchase of anything from 1¢ to a billion dollars, the scammers can randomly select whatever amount they want you to to send them, same as they can make up the number of "viruses" they "found" "infesting" your system, and whatever random number of compromising photos and videos they claim to have "hacked", among many other scams.
Some write-ups on various scams:
WOW, I too just received a text " We have noticed that your Apple iCloud id was recently used at "APPLE STORE-CA" for $ 143.95, paid by Apple Pay Pre-Authorization. Also some suspicious sign in request detected. yada yada yada, keeps going on and wants you to call some +1 828xxxxxxx number.. I knew this was a scam BECAUSE,, I do not use Apple Pay and have no payment platform set up on my phone. Also the phone number is not correct for U.S.A.. It is comfort to see 'other' people report on this and yes, ironically the same dollar amount is listed. I just hope that individuals that 'use' Apple Pay do not fall for this.
[Edited by Moderator]
ric153 wrote:
My wife got this text from a Hotmail accountApple Approval Notice
And it's still the same scam. Delete it and move on.
Identifying Phishing Scams in text messages
