Beware of Apple Pay Phishing Attack that Aims to Steal Your Payment Details

A sophisticated phishing campaign is currently targeting Apple Pay users, utilizing deceptive emails and phone calls to steal sensitive financial information.

The attack typically begins with an email that appears boringly familiar, featuring the official Apple logo and a clean, professional layout.

The subject line is crafted to induce immediate panic, warning the recipient of a high-value charge that has supposedly been stopped at an Apple Store to prevent financial loss.

The message includes realistic details such as a specific case ID, a timestamp, and a stern warning that the account is at risk.

In many instances, the email claims that an “appointment” has been booked for the user to review the fraudulent activity.

It provides a phone number for immediate assistance, urging the victim to call if the time is inconvenient.

The formatting mimics legitimate receipts, hitting all the right anxiety buttons to bypass the user’s skepticism.

Malwarebytes analysts identified this campaign, noting that it relies on “vishing”—voice phishing—rather than malicious links. By luring victims into a phone conversation, attackers can manipulate them more effectively.

The researchers noted that the ultimate goal is to steal login codes and payment data, leveraging the trust users place in the Apple brand to bypass security measures and seize control.

The impact of this scam is significant and dangerous. If successful, attackers gain full access to the victim’s Apple account, including stored photos, data, and linked credit cards.

The convincing nature of the fake invoices, such as a receipt for a 2025 MacBook Air, makes it a highly potent threat to consumers.

The Mechanics of the Fake Support Call

When a victim dials the provided support number, an agent introduces themselves as part of Apple’s fraud department.

The conversation is carefully scripted to build trust, starting with harmless checks like the last four digits of a phone number.

The agent explains that the system “partially blocked” a transaction and needs verification to fully secure the account.

This is the critical trap: the scammer asks for the Apple ID two-factor authentication code. Unbeknownst to the victim, the criminal is logging into the account in real-time.

The agent might even claim that criminals are currently in a physical store attempting to use the card, adding pressure.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.