According to this “subscription confirmation” email, which purports to be from Apple, your last purchase was reviewed by Apple’s system because a new device was used for the transaction.
Supposedly, Apple suspects that your account was used by someone else to purchase a three-month subscription for an image app.
The email instructs you to click a button to cancel the suspect transaction.
However, the email is not from Apple and the listed transaction is not a real one. And the claim that your account was accessed by someone else is also untrue.
In fact, the fake transaction listing and the false account security claims are designed to panic recipients into clicking the “cancel” button. Recipients who believe the claims may quickly click the button without due forethought.
If you do click the button, you will be taken to a fraudulent website that looks like it belongs to Apple.
Once on the fake site, you will be instructed to sign in with your Apple ID. Next, you will be presented with a fake “Cancel Transaction” form that asks for your credit card numbers, your name and contact details, and other identifying personal information.
Once you submit the fake form, all of the information you supplied will be sent to the criminals responsible for the phishing attack. They can then use the information to take control of your Apple account, commit fraudulent credit card transactions, and attempt to steal your identity.
Note that the subscription supposedly purchased, the amount paid, and other details may vary in different versions of these scam emails. Scammers regularly target Apple users in such phishing attacks.
It is always safest to login to your Apple account by entering the address into your browser’s address bar or via a legitimate Apple app.
The Apple website includes information about identifying and reporting such phishing messages.
An Example of the scam email: