“Apple Music Membership Invoice” Phishing Scam Email

Email purporting to be from Apple claims to be an invoice for a monthly Apple Music Membership subscription. It includes a link that you can supposedly click to cancel the subscription.

Brief Analysis:
The email is not from Apple and it is not a genuine invoice. Instead, it is a phishing scam designed to steal your Apple ID, your credit card details, and other personal information.

Apple Music Membership Phishing Scam

Detailed Analysis:
According to this “invoice email’, which appears to have been sent by Apple, you have been charged  £39.99 for a monthly Apple Music Membership subscription. The email looks like a typical Apple invoice message and includes a link that supposedly allows you to cancel the purchase.

However, the email is not from Apple and, despite its appearance, it is not a genuine invoice. In fact, it is a phishing scam designed to steal your Apple account login details, your credit card numbers, and other personal information.

The criminals behind the scam campaign know that at least a few recipients, mistakenly believing that they have been charged for a subscription that they never ordered, will click the “cancel” link in the hope of reversing the supposed purchase.

If you do click the link, you will be taken to a fraudulent webpage that closely mirrors the appearance of the genuine Apple website.

Once on the fake page, you will be asked to login using your Apple ID and password. After “logging in”, you will be taken to a second fake page that asks you to fill in a “Cancel Order” form. The form asks for your credit card details, ostensibly as a means of verifying your identity and allowing the refund to be processed. The form also asks for your name and address details and other identifying information. After submitting the requested information, a popup message will inform you that you have successfully canceled the order. You may then be automatically redirected to the genuine Apple website.

Meanwhile, the criminals can collect all of the information you submitted and use it to hijack your Apple account and commit fraudulent transactions using your credit card. Once they have gained access to your account, they can make further fraudulent purchases, steal more personal information, and use the  account to send spam and scam messages. Ultimately, they may gather enough information about you to allow them to steal your identity.

Apple phishing scam messages like this one are very common. A report on the Apple website explains how to recognize and report such scam attempts.

Last updated: September 20, 2016
First published: September 20, 2016
By Brett M. Christensen
About Hoax-Slayer

Apple ‘Your Order Has Been Placed’ Phishing Scam
‘Apple & iCloud ID Cancellation’ Phishing Scam
Phishing & Other Suspicious Emails