iTunes store account hacked

I'm posting this just to share my story and get reactions. It's a little detailed but I thought worth sharing.

On November 23, 2010 I purchased a single song from the iTunes store for .99. I used store credit that I had from a gift card I received last year. It was the first purchase I had made since July 2010.

On November 25, 2010 I received a receipt for 2 more separate orders to my account. These were for over $50 in iPhone apps. Here's a sampling of some of the purchases:

1 eREAD isoshu, v1.5, Seller: ChengDu YueTong Internet Information Co. Ltd (17+)
2 Plants vs. Zombies, v1.3, Seller: PopCap Games, Inc. (iDP)
3 Monkey Island 2 Special Edition: LeChuck's Revenge, v1.1, Seller: Lucasfilm International Services Inc.
4 Asphalt 5, v1.2.6, Seller: Gameloft (9+)
5 Let's Golf!® 2, v1.0.1, Seller: Gameloft (4+)
6 Frames & FX for Photos, v2.5.1, Seller: Imikimi, LLC (12+)
7 Stenches: A Zombie Tale of Trenches, v1.0.1, Seller: Thunder Game Works (9+)

I do not have a credit card linked to my account, so these were made using my store credit.

I have only 1 computer authorized for my account (my personal home computer). I live alone and no one else touches my Powerbook but me. I also DO NOT own an iPhone, so I would have no interest in apps.

After I saw these bizarre purchases, I checked my account. I noticed 2 strange things: My account information had changed: My street address was correct, but city, state and zip had changed to: Towson, MD 21286-7840. I have never lived in Maryland. Also, I noticed that my password recovery answer had changed to "Murray" in response to a question about my mother's maiden name. That's decidedly NOT my mother's maiden name. Also, my birthdate had changed to an incorrect month and day.

I immediately changed my password and my recovery question/answer challenge.

I reported problems on all of these purchases and also contacted iTunes Account Support by e-mail.

Within 24 hours I received an e-mail from "Vicki" at iTunes Customer Support. She wrote:

"When reviewing over your account "name@domain.net" and the two reported orders, it shows that the content purchased within them was acquired from the computer that is currently authorized for your iTunes account. So I strongly advise that you do consult with those in your household regarding the purchases made, and the charges that resulted from those purchases."

Further:

"I have gone and reversed the charges for the two orders....You will see a store credit in three to five business days....Please note that this is a one-time exception, as the iTunes Store Terms and Conditions state that all sales are final."

I am pleased that Apple is refunding my store credit and replied so quickly.

However, it is simply impossible that these purchases were made from my computer. Again, my Powerbook is the only computer I have ever authorized to access my account, and I am the only person with access to it.

I am not sure how this happened. Any thoughts or similar experiences?

Powerbook G4, Mac OS X (10.5.8)

Posted on Nov 28, 2010 3:43 PM

1,958 replies

Sep 23, 2012 12:00 PM in response to Micangelo

Micangelo wrote:


Chris CA,

Do you think I don't have the brain to do the thinking before you telling me what to do? I am sure most of us posting like this here does first the thinking and doing what to and where to complain...and I'm sure they were not answered as we expected to be their answer that is why we do this noisy thing like doing here....Be nice replying posts

I was nice replying to posts.

You stated, "yes I am willing to pay....but if you cannot prove me with those receipts".

I simply asked why you would pay if they are not your charges?


As I stated before, just tell Apple that those charges are NOT yours (if they really are not yours) and you wish to have the charges removed from your account.


Apple replied about my complaint, but what they did is not the answer on what I am asking....I am asking for receipts


They will not send you receipts. You can see them for yourself in your purchase history.

See this -> iTunes Store & Mac App Store: Seeing your purchase history and order numbers


all they do is replying me with those so many contracts statements when you subscribed itunes and those monthly paid apps...I


You don't subscribe to iTunes and pay a monthly fee.

You purchase apps and they are yours. You don't keep paying.

You can get annual/monthly subscription for magazines and newspapers but you can end your subscription.

Dec 25, 2012 2:53 PM in response to iGeeksPro

Have you contacted Apple? It appears others have found resolution by doing so.


At the bottom right corner of every webpage here there is a "Contact Us" link. Easy and simple. You can also try this link as also suggested here in our user to user discussion help forum by MadMacs0:


https://expresslane.apple.com/GetproductgroupList.action


Good luck and I hope this helps you.


May God bless you this Christmas season.

Jan 1, 2013 3:52 AM in response to PeNoXinh

PeNoXinh


Step 1 and 2 above to start with, get them to deal with a fraudulent transaction.


I would also request a replacement card from your bank (the 16 digit number and code on rear will be different). This will effectively render the current card blocked and unable to be used.


Use this link for iTunes:-


http://www.apple.com/emea/support/itunes/contact.html

Jan 21, 2013 5:46 PM in response to njb72

As has been said numerous times in this thread, phone support is not available from Apple. You need to go to ExpressLane and fill out the form to get things started. That will get you through to the iTunes fraud unit, something the regular Apple Support folks won't be able to easily do for you.


Sounds like you have already done the most important thing by contacting your Credit Card company. You should also make sure that your credit reporting agencies put a freeze on your accounts so that the thieves can't use them to obtain a card in your name. You should assume that the thieves have the information from your account now.


There doesn't seem to be a single answer as to how this is happening. Some accounts are clearly being hacked, probably by guessing the password. In my wife's case, they never touched her account, having gotten her card number by some other means and simply using it in somebody else's account to make charges. Others have had their gift card immediately drained only a few minutes after it was first used. Many users have found themselves locked out of their accounts because the thieves changed the password. Once they got back in they found that all the personal information and the credit card number had changed.


Don't expect to get any detailed information from Apple on how this happened. They told me to have my lawyer contact their legal department with a court order in order to receive anything at all besides a refund.

Jan 21, 2013 6:02 PM in response to njb72

blinkie and njb72, you don't need to provide your phone number to have an iTunes account. You can also remove all your credit card info from your iTunes Store account page. That way, with all purchases you will need to manually enter your credit card info each time. As for purchases auto downloading to your iDevice, the link I provided answers that and much more. Here is a direct link:


http://support.apple.com/kb/HT4539


Auto downloading of apps with all devices that share an Apple ID is a feature of iTunes, that can be easily turned off. It just takes a little time to read the instructions on how the software works and how you can customize it to your likes.

Mar 19, 2013 11:10 AM in response to sinatrix

sinatrix wrote:


Hello everyone! Well I just wanted to update everyone on something I found. Now, I have long moved on from apple after this whole ordeal, but I still love keeping up with tech news. Stumbled across this this morning, thought I would share with everyone:


Apple Finally turns HTTPS on for the app store:

http://elie.im/blog/web/apple-finally-turns-https-on-for-the-app-store-fixing-a-lot-of-vulnerabilities/#.UTs8f1dQqds


For the protection of Apple's customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.

Jan 3, 2014 4:21 AM in response to SBANJ

The iTunes for Windows forum also has a thread running on Apple ID compromises, we've got a lot of people saying their account was accessed and apps were downloaded in Taiwan -


https://discussions.apple.com/thread/5691846?answerId=24351370022#24351370022


This is only over the last 2-3 weeks, really, but I see this thread has been running for over 2 years(!). My wife's account was accessed and her password changed, and 2 seemingly innocuous apps were downloaded. She's reset password and I'm urging her to enable 2-factor auth ASAP (I've done it).


If these are brute force attacks, the frequency of the access seems quite low: I wonder if there's a leak within apple (at least one poster on this thread says his account was hacked from within Apple!)... perhaps in Taiwan.

May 6, 2014 7:54 AM in response to GaryQ

Was your own iTunes account used to buy the songs?


If so, then they do have your password and it doesn't matter that you added the info using an iPad over a year ago. Your card is on your account until you remove it, so it's likely that they just accessed it recently and did not have access prior to this time. It's not like they "waited" a year, they just did not access your account until now and just got that access now--using your password. If Malwarebytes does not have access to your computer's root, then it would be useless against some keyloggers. Also, is it possible that you got an email you thought was from Apple, clicked a link in it, then entered your information onto a fake webform? That happens all the time.


If you want to see if your account was used to buy the songs, sign in and check your purchase history. You don't have to wait for receipts. http://support.apple.com/kb/HT2727


Apple won't lock your account until you email or call to say it was used and that you never allowed it to be used. It's not their job to determine who is using your card or stop someone from signing in and buying things- that is what an account is for. Here is how you contact them about this: http://support.apple.com/kb/HT5699 (it leads to a phone call)


In the end, the whole thing does suck. Yes, I am an Apple customer and fan of them, and realistically I can assume that my information is safe with them--as long as my computer is safe from all malicious software and I know how to avoid phishing emails. No one is perfect.


Whatever though... no one on here wants to accept that they could have been duped or that their computers are not perfect.


** Hope you have the paid version of Malwarebytes because the free one is ultimately garbage.


Just in case you want to read about legit emails from Apple:


http://support.apple.com/kb/HT2075

http://support.apple.com/kb/HT4933


Best option for any customer:


Two-Step Verification:

http://support.apple.com/kb/ht5570


I am done with this thread. No one in the world wants to accept that things like this happen at the user end and just want things to come easy, safe and blameless. When something happens, they tend to point at the vendor, when that is not the case. The vendor has hyper-secure, updated systems and is encrypted to the max. They have more security than the average person.... but it has to be their fault right?

May 6, 2014 4:02 PM in response to GaryQ

Maybe you were using a crap wi-fi network over that wi-fi network and entered your iTunes details into iTunes (meaning account name and password) you were piggybacked. Maybe you use "personal hotspot" and it happened then; I can't be sure....Your info stolen at that time and they simply signed in later to buy songs using your account. Your Discover was not hacked. Your iTunes password was used. You never had to reset to get back in to your account, correct? That means they used your password. That means that they had access to the network you used and took your info at that time, they logged your info at that time and took it--which can happen on an iPad. Just because you added the card a year earlier does not mean they got access then.


Later, your Discover was compromised, likely due to online banking, cloned by manual swipe (as mine was over Christmas). They tried at WalMart online and it was declined. The iTunes issue and Walmart issue are not a result of a compromised iTunes account. Your security code is not visible in any way in iTunes and in order to get it, someone has to be watching you at the time you key it in which is why I keep talking about loggers. They exist for iOS as well. Monitoring apps that are running in the background when you type in your info can record and send those details to somewhere else (in older versions of iOS that has been proven, not sure about 7.1.1). Also, check out T.Flannery's comments here: https://discussions.apple.com/thread/3812507


If you really want to verify how it happened, Discover would need to tell you. They have the location origins of the transactions as well as the ability to trace the origin of the end user involved. They too have entire departments who seek that info. They can give you that info they find if you get a court order. They likely won't give it to you because you don't own the card, they do and they just let you use it is all. Once you get more info, you can cross check everything for similarities to see if it was the same source and really narrow down how, when and where this all started. Then you can get a new card and try not to let this happen again.


I am just trying to help people be realistic.

Aug 8, 2011 12:20 AM in response to stereocourier

I just had this happen to me within the last hour.


I don't normally keep a balance in my account, but I recently won a gift card from Starbucks & Lady Gaga (Hey, it was a scavenger hunt! I love scavenger hunts!) and added the $25 to my account. I upgraded a couple of songs to the DRM free versions and was planning on buying a few apps later.


This morning at 2am, I happened to check my email and noticed 5 emails from Apple in rapid succession. 4 for purchases from a "previously unauthorized device" and 1 saying that my credit card information had been removed from my account.


I logged into iTunes and checked, and sure enough... 2 'free' apps and then in-app purchases totaling 23.46. Guh! I found that I had 90¢ left in my account!


The apps were Epical Gladitors from Funverse and Empire Online (or something of that nature, the game name is mostly in Chinese) from Lakoo. Neither of these games are anything I've ever heard of.


It's odd that the one time I have a gift card balance on my account, my money gets stolen within a week!


I've updated my password, left the credit card info empty, and updated my questions. I also unauthorized all the machines currently associated with my account and then reauthorized just the one I use now. I hope I don't have to update my password anytime soon because quite frankly, it's now a string of barely rememberable random characters!


Aircool: Here's what I did:


  • Go to your iTunes app and then into the store to your account information.
  • You'll see a section on that page that says recent purchases. Click that and at the bottom it'll say "Report Problem".
  • Click that button and then your purchases will have an option that says "REPORT PROBLEM" next to them.
  • Click the link next to your unauthorized purchase and it'll take you to a page on Apple's website.
  • Select iTunes Store Account & Billing > Account Security.
  • There'll be a link that says "Email Us" as well as some FAQ links.
  • Send an email off to Apple from that page. You'll need the Order number for the unauthorized purchases. As they're done in rapid succession, you'll likely only have the one order number for multiple things.

Oct 18, 2011 9:58 PM in response to - doon -

Just to provide some more background:


  • I am using a PC
  • I rarely connect my iDevices to iTunes (I pretty much use them over WiFi and buy apps on the devices themselves)
  • I had no gift card credit in my account
  • I had PayPal as my payment means and not a credit card
  • none of my devices were used in the last days to purchase anything
  • The App responsible for the purchases, Cartel Wars, is a new app released in the last so many days (October 14th)

Nov 3, 2011 12:58 AM in response to stereocourier

  • Boat, same.
  • As someone mentioned earlier, communication from Apple support has been so disjointed and grammatically poor that I've had Twilight Zone moments in which I've felt I was actually corresponding with the original hacker.
  • All blame on me, no real apology from Apple.
  • The final kicker - after canceling my credit card with my bank the only way to reset my location back from China is to enter yet a new credit card number into my iTunes account. Ah yes - circle of life...
