Fraud Alert Unauthorised iTunes Payment Scam



Hi – another scam alert you need to keep an eye out for. I received an email today with the subject: Fraud Alert: Unauthorised iTunes Payment – I received another titled: Unauthorised Appstore Purchase and another Unauthorised iTunes Purchase – to a completely separate email account today too.

As with all scam emails, there are tell tale signs that it should not be trusted. If Apple’s reports are correct, then it appears some A-List celebrities such as Jennifer Lawrence, Ariana Grande and others, may have fallen for exactly this type of scam.

First, lets have a look at the scam email

iTunes Scam Email

iTunes Scam Email

Looks pretty straight-forward – if a bit bland – but to be honest, Apple’s branding is fairly clean and not full of colours and graphics. However, let’s cover a few points to show that this is a scam.

The Salutation of the Scam Email

The email is addressed “Hi” – as is noted on the official Apple website talking about scams, almost all official companies that you have registered with, will address you by your name, eg “Hi Mark, ….”

Grammatical Errors in Scam Emails

The third paragraph begins: “If you made the buying, you…” – what???  What does “If you made the buying” mean? Grammatical errors are one of the biggest give-aways of scams.

Every reasonable sized company (I think you could class Apple within that description 🙂 ) has a communications department that will scrutinise every paragraph, sentence, and full stop, to ensure its emails or press releases or blog posts, are 100% grammatically correct.

If I spotted that at the first scan I did of the email, I don’t think to be honest, that this scam iTunes email has had a second look – let alone been through several layers of checking.

The “This operation…” sentence is finished by two full stops. . That just looks wrong – and suspicious! (are you picking up the hints yet?)

As above – the closing paragraph starts: “Anyhow, your financial information are in safe on our secure servers” – I personally work with a lot of people that don’t have English as a first language, and I have never heard them talk as poorly as this. Let alone a very serious corporate communication.

When did you last see your bank use the word “Anyhow” in a letter to you? Or say your financial information “are in safe on our secure servers”?

It’s just nonsense – and a big red warning flag should come up when you see this type of mistake.

General Formatting of Scam Emails

The link: “Apple ID >”: If you go onto Apples website – you’ll see the formatting of their links is nice and clean – no underlining – no change of colour after you have visited the link – unlike above, where it just “looks” poor.

As with the grammatical errors, formatting and how emails are displayed, reflects on the company that sends them.

Apple would simply not allow this email to be released, having a link looking like the one above.

Hyper Links Within the Scam Email

If you were to hover over the link on the email, you’d see it actually links to a reputable site – Google:

iTunes Scam Email Link
iTunes Scam Email Link


However, what you may not be aware of are the extra characters that can be added to a Google address (URL) that will automatically carry out a search or a redirect to another site for you.

It’s not easy to spot, and not many people know about it – but if in a Google address (URL) you see the characters: com/url?q=http – whatever comes after the “q=http” part, will redirect you to that site – and that is exactly what happens if you click on the link in this email.

So you may hover over the link and think, “it’s fine – it’s linking to https://www.google.com/…” and I know and trust them – BUT – beware if you don’t actually go to the familiar Google.com home page when you click on it.

That’s a sure sign that the email is trying to gain your confidence that it is genuine (by showing a legitimate link to a legitimate website), and then you ending up on something other than that website.

Other Signs

If you are very familiar with emails, and the email protocols – you can check the email Headers. The last “received from” address, should contain the domain name of the sender. That will confirm the email has been sent through the website mail servers. If it says anything other than (in this case) “Received from: …..@apple.com” – then again, there is a strong chance it is a scam.

However, if you follow the other clear pointers above, you should avoid most scam emails on the go – no matter who they are from.

Another Example Scam Email

You can see all of the above in this similar email too. The best about this one is they say they won’t send you a request for secure information by email, when in the previous sentence they as you for exactly that! The grammar is shocking – there is extra punctuation, and they don’t address it to you:

iTunes Scam Email

iTunes Scam Email – another example


So to sum up, if it just doesn’t look right and there are grammatical errors (or simply poor English), and it’s not addressed personally to you, you can be fairly sure it’s a scam email. IF you do click the link, and it takes you to a web page asking for any personal information – close down your browser, and either a) ignore the email or b) send it to the “real” companies fraud reporting email address – there will be a link on most companies genuine websites.

Whatever you do, do NOT confirm any personal details on a website, after clicking a link from an email.

For more information on phishing emails, please click here.

All the best, Mark

Mark Tait

Click Here to Leave a Comment Below 6 comments
Deidre Salcido - September 4, 2014

I didn’t know about these types of hints. Thank you for creating this valuable website. There are so many companies sending emails with grammatical errors and I just delete them…now I know they are probably ALL SCAMS! THanks again and please keep me updated with more helpful tips and information!

    admin - September 5, 2014

    Hi Deidre.

    I’m sure some are genuine, but if you spot the subtle (or sometimes not so subtle) signs, then you know to trash them straight away.

    All the best, Mark

David Snodgrass - September 4, 2014

great advice and thanks for sharing

    Mark Tait - September 4, 2014

    Cheer David (Tex) – I love that you like Atari.

    I used to write and program music for computer games back in the 80’s – and the Atari was always something I loved (games wise) – especially DropZone, which was probably one of the best Defender clones around on home computers back then – even the C64 version was fantastic, and Archer MacLean did a great job of both!

    Anyway, all the best, and thanks for commenting,


Kristina - September 4, 2014

Thank you for this info, I had no idea about many of the things you explain. this will make it a lot easier to spot scams! Regards, Kristina

    admin - September 4, 2014

    Hi Kristina – thank you, I’m really please it helps you spot these nasty email scams doing the rounds.

    I agree with your comments on your website – we’re not really aware of what we have available to us – happiness is far more important than wealth (money) – please check Kristina’s website for more info: http://booksforthenewage.com/

    Cheers, Mark


Leave a Reply: