Fraud Alert Unauthorised iTunes Payment Scam
Hi – another scam alert you need to keep an eye out for. I received an email today with the subject “Fraud Alert: Unauthorised iTunes Payment”. I received another titled “Unauthorised Appstore Purchase” and another, “Unauthorised iTunes Purchase”, to a completely separate email account today too.
As with all scam emails, there are telltale signs that it should not be trusted. If Apple’s reports are correct, then it appears some A-List celebrities, such as Jennifer Lawrence, Ariana Grande and others, may have fallen for exactly this type of scam.
First, let’s have a look at the scam email
Looks pretty straightforward – if a bit bland – but to be honest, Apple’s branding is fairly clean and not full of colours and graphics. However, let’s cover a few points to show that this is a scam.
The Salutation of the Scam Email
The email is addressed “Hi”. As noted on the official Apple website page about scams, almost all official companies that you have registered with will address you by your name, e.g. “Hi Mark, …”
Grammatical Errors in Scam Emails
The third paragraph begins: “If you made the buying, you…” – what??? What does “If you made the buying” mean? Grammatical errors are one of the biggest give-aways of scams.
Every reasonably sized company (I think you could class Apple within that description 🙂 ) has a communications department that will scrutinise every paragraph, sentence and full stop to ensure its emails, press releases and blog posts are 100% grammatically correct.
If I spotted that at the first scan I did of the email, I don’t think, to be honest, that this scam iTunes email has had a second look – let alone been through several layers of checking.
The “This operation…” sentence is finished by two full stops. . That just looks wrong – and suspicious! (are you picking up the hints yet?)
As above – the closing paragraph starts: “Anyhow, your financial information are in safe on our secure servers” – I personally work with a lot of people that don’t have English as a first language, and I have never heard them talk as poorly as this. Let alone a very serious corporate communication.
When did you last see your bank use the word “Anyhow” in a letter to you? Or say your financial information “are in safe on our secure servers”?
It’s just nonsense – and a big red warning flag should come up when you see this type of mistake.
General Formatting of Scam Emails
The link “Apple ID >”: if you go onto Apple’s website, you’ll see the formatting of their links is nice and clean – no underlining, no change of colour after you have visited the link – unlike above, where it just “looks” poor.
As with grammatical errors, the formatting and display of an email reflect on the company that sends it.
Apple would simply not allow this email to be released with a link looking like the one above.
Hyper Links Within the Scam Email
If you were to hover over the link in the email, you’d see it actually links to a reputable site – Google:
However, what you may not be aware of are the extra characters that can be added to a Google address (URL) that will automatically carry out a search or a redirect to another site for you.
It’s not easy to spot, and not many people know about it, but if you see the characters com/url?q=http in a Google address (URL), the address that starts at the “http” after “q=” is the site you will be redirected to – and that is exactly what happens if you click on the link in this email.
So you may hover over the link and think, “It’s fine – it’s linking to https://www.google.com/… and I know and trust them.” BUT beware if you don’t actually go to the familiar Google.com home page when you click on it.
That’s a sure sign that the email is trying to gain your confidence that it is genuine (by showing a legitimate link to a legitimate website), only for you to end up on something other than that website.
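The check described above can be automated. The following is an added example, not part of the original post: it pulls the links out of an HTML email body and reports any google.com/url?q= link together with the site it really leads to. The sample body and the phish.example destination are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs

REDIRECT_HOST = "google.com"   # redirector named in the post
REDIRECT_PATH = "/url"         # the .../url?q=http... form

def unwrap_redirect(url):
    """Return the address a google.com/url?q= link forwards to, else None."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    on_redirector = host == REDIRECT_HOST or host.endswith("." + REDIRECT_HOST)
    if not on_redirector or parts.path != REDIRECT_PATH:
        return None
    # parse_qs undoes percent-encoding, so q=http%3A%2F%2F... is caught too.
    for value in parse_qs(parts.query).get("q", []):
        if value.lower().startswith(("http://", "https://")):
            return value
    return None

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hrefs.append(href)

def hidden_destinations(html_body):
    """Return (hovered_host, real_host) for each link that redirects elsewhere."""
    collector = LinkCollector()
    collector.feed(html_body)
    found = []
    for href in collector.hrefs:
        target = unwrap_redirect(href)
        if target:
            found.append((urlsplit(href).hostname, urlsplit(target).hostname))
    return found

# Constructed sample body; phish.example is a placeholder, not a value from the email.
SAMPLE_BODY = (
    '<a href="https://www.google.com/url?q=http%3A%2F%2Fphish.example%2Flogin">Apple ID &gt;</a>'
    '<a href="https://www.google.com/search?q=apple">ordinary search link</a>'
)

if __name__ == "__main__":
    for hovered, real in hidden_destinations(SAMPLE_BODY):
        print(f"link shows {hovered} but leads to {real}")
```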
If you are very familiar with emails and the email protocols, you can check the email headers. The last “received from” address should contain the domain name of the sender. That will confirm the email has been sent through the website’s mail servers. If it says anything other than (in this case) “Received from: …..@apple.com”, then again, there is a strong chance it is a scam.
However, if you follow the other clear pointers above, you should avoid most scam emails on the go – no matter who they are from.
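The header check described above, as an added example that is not part of the original post: it reads the bottom-most Received header (the first server to handle the message) and compares its host name with the domain in the From line. The sample message, its host names and its addresses are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def origin_hop(raw_message):
    """Return the host named in the last (oldest) Received header, or None."""
    received = message_from_string(raw_message).get_all("Received", [])
    if not received:
        return None
    # Every relay adds its header at the top, so the last one listed is the origin.
    match = re.match(r"\s*from\s+([^\s;()]+)", received[-1], re.IGNORECASE)
    return match.group(1).lower().rstrip(".") if match else None

def sender_domain(raw_message):
    """Return the domain part of the From address, or '' if there is none."""
    _, address = parseaddr(message_from_string(raw_message).get("From", ""))
    return address.rpartition("@")[2].lower()

def origin_matches_sender(raw_message):
    """True only when the first hop's host sits inside the From domain."""
    host, domain = origin_hop(raw_message), sender_domain(raw_message)
    if not host or not domain:
        return False
    return host == domain or host.endswith("." + domain)

# Constructed sample: the From line claims apple.com, the first hop does not.
SAMPLE = "\n".join([
    "Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])",
    " by inbox.recipient.example with ESMTP; Mon, 1 Sep 2014 10:00:05 +0000",
    "Received: from mail.bulk-sender.example (unknown [198.51.100.7])",
    " by mx.recipient.example with ESMTP; Mon, 1 Sep 2014 10:00:02 +0000",
    'From: "Apple" <noreply@apple.com>',
    "Subject: Fraud Alert: Unauthorised iTunes Payment",
    "",
    "Hi, ...",
])

if __name__ == "__main__":
    print("first hop:", origin_hop(SAMPLE))
    print("claimed sender domain:", sender_domain(SAMPLE))
    print("match:", origin_matches_sender(SAMPLE))
```

A mismatch is a warning sign rather than proof, and a match is not proof either: Received lines written before the message reached your own provider are supplied by the sending side, and genuine companies sometimes send through third-party mail services.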
Another Example Scam Email
You can see all of the above in this similar email too. The best thing about this one is they say they won’t send you a request for secure information by email, when in the previous sentence they ask you for exactly that! The grammar is shocking – there is extra punctuation, and they don’t address it to you:
So to sum up, if it just doesn’t look right and there are grammatical errors (or simply poor English), and it’s not addressed personally to you, you can be fairly sure it’s a scam email. If you do click the link, and it takes you to a web page asking for any personal information, close down your browser, and either a) ignore the email or b) send it to the “real” company’s fraud reporting email address – there will be a link on most companies’ genuine websites.
Whatever you do, do NOT confirm any personal details on a website, after clicking a link from an email.
All the best, Mark