Man holding tablet computer with Apple phishing scam email
Home ScamsPhishing Scams ‘Recent Download With Your Apple ID’ Phishing Scams

‘Recent Download With Your Apple ID’ Phishing Scams

by Brett M. Christensen

If you are an Apple user, keep an eye out for emails claiming that your Apple ID was recently used to download an app you know nothing about.

The emails claim that the app was downloaded using a computer or device that has not previously been associated with your Apple ID.

The name of the app that was supposedly downloaded varies in different versions of the scam messages as does the country that the download was ‘initiated from”.

In fact, the notification emails have no connection to Apple and the information they contain is not related to any actual download or app store purchase. They are phishing scams designed to trick you into sending your personal and financial information to criminals.
The scammers hope that you will mistakenly believe that your Apple ID has been hacked and click one of the links that falsely claim to provide further assistance or allow you to change your password.

The links open a fraudulent website that has been built to look like the real Apple login page. Once you have logged in on the bogus page by entering your Apple ID email address and password, you will be asked to complete a form that will supposedly cancel the fraudulent app store purchase and secure your account. The form asks for your name and contact details, your credit card details, and other identifying personal information.

All of the information you submit on the bogus form will be collected by criminals and used to take control of your Apple account. Once they have accessed your account, they can:

  • Hijack your Apple email and use it to send scam, spam, and malware emails with your name on them.
  • Make fraudulent purchases on the app store.
  • Steal personal files stored in iCloud.
  • Make fraudulent transactions with your credit card.
  • Attempt to steal your identity.

Apple phishing scams like this are very common and take many forms.

Note that Apple and other companies often do send automatic security notification messages about recent purchases or account logins. Scammers capitalize on this by sending phishing emails that may, at least at first glance,  resemble these genuine security notifications. The Apple website includes information that explains how to recognise genuine messages and report scam attempts.

If you receive a suspect email, do not click any links or open any attachments that it contains. It is always safer to log in to your online accounts via a trusted app or by entering the address into your browser’s address bar. If the issue or concern described in the email turns out to be real, you will usually see information about it after you log in to your account.

 

Some examples of the scam emails:

Apple ID Recnet Download Phishing Scam

 

Your Apple ID, [email address removed], was just used to download Snake!Snake!Snake from the App Store on a computer or device that had not previously been associated with that Apple ID.

This download was initiated from China.

If you initiated this download, you can disregard this email. It was only sent to alert you in case you did not initiate the download yourself.

If you did not initiate this download, we recommend that you go to [Removed] to change your password, then see Apple ID: Security and your Apple ID for further assistance.

Regards,

Apple

 

Dear Apple Customer,

Your Apple ID, was just used to download OS Maps from the App Store on a computer or device that had not previously been associated with that Apple ID.

If these changes were made in error, or if you believe an unauthorised person accessed your account, we recommend to visit the link below to reset your password and verify that you are the legitimate account holder.

Verify now >

Thanks for taking these additional steps to keep your account safe.

Regards,
Apple

 

Dear Customer,

Your Apple ID Was Just Used To Purchase Need for Speed Game $19.99 From The App Store on A Computer or Device That Had Not Previously Been Associated With That Apple ID.

This Purchase Was Initiated From USA.

If you initiated this download, you can disregard this email. It was only sent to alert you in case you did not initiate the download yourself.

If you did not initiate this download, we recommend that you go to [Removed] to change your password, then see Apple ID: Security and your Apple ID for further assistance.

 

Dear ,

Your Apple ID, was just used to buy Parallels 2X RDP (Remote Desktop) from the Mac App Store on a computer or device that had not previously been associated with that Apple ID.

This download was initiated from Germany.

If you initiated this purchase, you can disregard this email. It was only sent to alert you in case you did not initiate the purchase yourself.

If you did not initiate this purchase, we recommend that you go to

[Link removed]

and cancel any unauthorized transaction

Regards
Apple