Apple Shares Tips on Avoiding App Store and iTunes Phishing Emails

Apple last week shared a new support document that's designed to help App Store and iTunes users avoid phishing emails that mimic legitimate emails from Apple.

In the document, Apple outlines techniques to identify an actual App Store or iTunes email, which the company says will always include a current billing address, something scammers are unlikely to have access to.

applescamemail

An example of a well-crafted phishing email

Apple also says that emails from the App Store, iBooks Store, iTunes Store, or Apple Music will never ask customers to provide details like a Social Security Number, mother's maiden name, a credit card number, or a credit card CCV code.

Apple recommends that customers who receive emails asking them to update their account or payment information do so directly in the Settings app on an iPhone, iPad, or iPod touch, in iTunes or the App Store on a Mac, or in iTunes on a PC rather than through any kind of web interface.

Customers who receive a suspicious email can forward it to reportphishing@apple.com, and any customer who may have entered personal information on a scam website should update their Apple ID password immediately.

Scam and phishing emails like those Apple describes in this support document are not new, but at the current time, there's a new wave of legitimate-looking emails going around that look much like Apple emails that can easily fool customers who don't know what to look for.

Related Forum: Mac Apps

Popular Stories

Apple Intelligence General Feature

Apple Intelligence Features Not Coming to European Union at Launch Due to DMA

Friday June 21, 2024 9:44 am PDT by
Apple today said that European customers will not get access to the Apple Intelligence, iPhone Mirroring, and SharePlay Screen Sharing features that are coming to the iPhone, iPad, and Mac this September due to regulatory issues related to the Digital Markets Act. In a statement to Financial Times, Apple said that there will be a delay as it works to figure out how to make the new...
Apple WWDC24 Apple Intelligence hero 240610

Apple Explains iPhone 15 Pro Requirement for Apple Intelligence

Wednesday June 19, 2024 4:48 am PDT by
With iOS 18, iPadOS 18, and macOS Sequoia, Apple is introducing a new personalized AI experience called Apple Intelligence that uses on-device, generative large-language models to enhance the user experience across iPhone, iPad, and Mac. These new AI features require Apple's latest iPhone 15 Pro and iPhone 15 Pro Max models to work, while only Macs and iPads with M1 or later chips will...
amazon echo dot

Amazon Could Charge Up to $10/Month for Alexa

Friday June 21, 2024 2:55 pm PDT by
Apple competitor Amazon is working on a revamp of its Alexa assistant, and the new version could cost up to $10 per month, according to a report from Reuters. The upcoming version of Alexa will support conversational generative AI, and Amazon is planning for two tiers of service. There will be a free tier and a second, premium tier that is priced at $5 at a minimum, with Amazon considering...
General Spotify Feature

Spotify Launches Cheaper $10.99/Month Premium Plan Without Audiobooks

Friday June 21, 2024 4:22 pm PDT by
Spotify today announced the launch of a new Basic paid plan that offers a small discount for dropping access to audiobooks. Priced at $10.99 per month, the Basic option includes all of the music benefits of Spotify like ad-free playback, but without added monthly audiobook listening time. The $11.99 standard Premium Individual plan that Spotify offers includes ad-free playback and 15 hours...
iPhone 16 Pro Max Generic Feature 2

5 Biggest Changes Rumored for iPhone 16 Pro Max

Wednesday June 19, 2024 5:00 am PDT by
Given Apple's rumored plan to add an all-new high-end tier to its iPhone 17 series in 2025, this could be the year for Apple to bring its boldest "Pro Max" model to the table — the kind of iPhone 16 upgrade that stands tall above its siblings, both figuratively and literally. If you have been holding out for the iPhone 16 Pro Max, here are five of the biggest changes rumored to be coming...

Top Rated Comments

bbzzz Avatar
83 months ago
PROTIP: disable html in your mail client, it's harder to phish when you can see the links that will be used are not what the text claims they are.

Bonus: tell anyone sending html only to not be a muppet, helping the phishers by conditioning users to accepts such emails. Ask them to include the regular plain text body for those who are trying to not be phished.
Score: 6 Votes (Like | Disagree)
iModFrenzy Avatar
83 months ago
How about tips for recognizing battery throttling scams?
How much longer are we gonna beat a dead horse?
Score: 4 Votes (Like | Disagree)
AndyUnderscoreR Avatar
83 months ago
Well, you SAY that's an Apple support document....
Score: 3 Votes (Like | Disagree)
Apple_Robert Avatar
83 months ago
Good move on Apple for doing what they can to inform people about phishing.
Score: 3 Votes (Like | Disagree)
fastasleep Avatar
83 months ago
I think the current app store's "Today" section design is kind of phishing too.
If you hold the phone with your right hand and scroll through the Today's stories with your right thumb, you can so easily touch the "GET" or "purchase" buttons by mistake, and when that happens some people's first reaction is to press the home button to quit the app store app, but if you do that and if you are using touch ID to approve purchases, the purchase gets approved.
That's not what phishing means.
[doublepost=1519875375][/doublepost]
You’d think they could use their fancy smancy machine learning to stop these from coming through for all sorts of major companies. I know companies like PayPal have trouble with this all the time. Even if you can’t cover everything it’s better to get at least 90% of them.

Heck, you could probably just regex to match certain strings like their footer or other common phrases used in Apple emails. Then check the sender against official Apple email addresses and if it doesn’t check out, send it to the spam folder or put a big red warning at the top saying the email seems suspicious and might be a phishing attempt. This seems like a solvable problem in 2018.
They often do. My spam filter (ASSP) correctly flag all the phishing emails I get as spam. When reviewing stuff in my spambox for false positives, I often take a second look at things that look like they came from Netflix or Apple, only to realize they were correctly flagged. But remember there are a ton of email providers out there with various types and qualities of spam filters.
Score: 3 Votes (Like | Disagree)
goatless Avatar
83 months ago
('https://www.macrumors.com/2018/02/28/apple-app-store-phishing-emails/')


Apple last week shared a new support document ('https://support.apple.com/en-us/HT201679') that's designed to help App Store and iTunes users avoid phishing emails that mimic legitimate emails from Apple.

In the document, Apple outlines techniques to identify an actual App Store or iTunes email, which the company says will always include a current billing address, something scammers are unlikely to have access to.


An example of a well-crafted phishing email
Apple also says that emails from the App Store, iBooks Store, iTunes Store, or Apple Music will never ask customers to provide details like a Social Security Number, mother's maiden name, a credit card number, or a credit card CCV code.

Apple recommends that customers who receive emails asking them to update their account or payment information do so directly in the Settings app on an iPhone, iPad, or iPod touch, in iTunes or the App Store on a Mac, or in iTunes on a PC rather than through any kind of web interface.

Customers who receive a suspicious email can forward it to reportphishing@apple.com, and any customer who may have entered personal information on a scam website should update their Apple ID password ('https://support.apple.com/kb/HT201355') immediately.

Scam and phishing emails like those Apple describes in this support document are not new, but at the current time, there's a new wave of legitimate-looking emails going around that look much like Apple emails that can easily fool customers who don't know what to look for.

Article Link: Apple Shares Tips on Avoiding App Store and iTunes Phishing Emails ('https://www.macrumors.com/2018/02/28/apple-app-store-phishing-emails/')
[doublepost=1519861795][/doublepost]That's actually a pretty good fake. The ones I receive are usually riddled with odd, non-native phrasing. Not that my english is perfect, but english does have its idiomatic ways, and certain words, phrases, and capitalization patterns standout as not being businesslike.
Score: 2 Votes (Like | Disagree)