Did you know that Apple Pay has a $2500 apple cash card limit? If someone steals your credit card information from an online purchase, they can use it to buy over $2500 worth of goods. These card scams are getting common these days.
Apple pay scam is becoming more and more common. This post will discuss apple pay scams and how to avoid them, and we’ll also talk about the best practices for apple pay security. It is an informational post to update readers about Apple pay scams and what to do in such a situation. If your organisation is interested in securing its assets, please visit our CREST penetration testing services page on how we help secure organisations around the world.
What is apple pay?
Apple pay is a mobile payment system that allows you to make payments with your iPhone or iPad. It’s similar to other mobile payment systems like Google Pay and Samsung Pay.
How does apple pay work?
When you add a credit or debit card to apple pay, the app creates a unique number for that card. This number is stored on your device to send or receive money, and apple doesn’t store your card information on their servers.
How to use apple pay?
To use apple pay, you need an iPhone or iPad running iOS 11.0 or higher with a built-in NFC chip. You also need to have a supported card from one of the following few banks:
- American Express
- Bank of America
- Capital One
How secure is apple pay?
Apple pay is a secure way to make payments. What makes apple pay secure is due to the following reasons:
- Card numbers are not stored on your device
- Card details are never shared by Apple Pay
- Card details are never sent with your payment, instead works on a unique device account number that’s encrypted
More on apple pay security here.
What is an apple pay scam?
An apple pay scam is when someone steals your credit card details, like your credit card number and uses it to make fraudulent purchases. Apple pay scams are becoming increasingly common, so it’s important to know possible scam scenarios and how to avoid them.
I got scammed on apple pay (Apple Pay Fraud Suspected Message)
There are a few factors that make Apple Pay one of the most secure payment methods available:
- Sophisticated authentication layers like two-factor authentication
- Tokenization (When crediting an account, it’s essential to change meaningful data like name or address with random character tokens to conceal information from hackers.)
- Innovative data storage practices
Despite this, hackers and other fraudsters profit by finding and exploiting various digital devices and services vulnerabilities and performing different cyber attacks. Here are some examples of Apple Pay fraud scenarios that might result in losing money.
If you notice Applepay fraud suspected on your iPhone like the one below, double check the transaction details to ensure all details are correct.
Here are some of the red flags which you can verify to avoid email scams:
1. The fake apple invoice email scam
If you’ve been sent an invoice for something you didn’t order or pay for, there’s a good chance it’s a fraud. These phoney invoices are usually convincing, yet some signs hint at their falseness.
The official Apple email address is [email protected], so the following email appears to be from a fraudulent sender. The calculation of VAT is entirely incorrect, and it was purchased from an unknown device with a false name that didn’t match the email recipients.
If you click on the link, however, nothing happens. You won’t be able to cancel or manage your subscriptions using Apple invoices; if you hover your cursor over the highlighted link, it shows a strange web address. Never, ever, ever click on the URL.
Cyber attacks are not a matter of if, but when. Be prepared.
Box-ticking approach to penetration tests is long gone. We help you identify, analyse and remediate vulnerabilities so you don’t see the same pentest report next time.
2. The apple fake iMessage or SMS text scam
The scam is only distributed by email these days; you’re just as likely to get one by text message. The following is an example of a scam text that iPhone owners may receive.
Unknown senders send you a text message. Although the message’s subject claims to be an Apple account, there is no Apple name for the originator; instead, it’s just a phone number with an overseas code. This is also a sign that any person is trying to trick you.
A scammer may tell you that your account has been compromised, and you must click a link (which offers no indication of where it will take you) to provide them with personal details. This is a typical approach for scammers to collect login information, which they can use to access accounts or funds.
3. Phishing email scam
Phishing emails are fake emails that appear to be from legitimate companies like Apple. The email asks the victim to click on a wrong or malicious link or provide their details.
When the victim clicks on the links or provides their information, they are redirected to a fake website like a payment terminal. This website steals the victim’s credit card information or financial information and makes fraudulent purchases.
4. Unsecured Wi-Fi
Wireless connections to public Wi-Fi networks are undoubtedly a time-saver (especially when you’re on vacation and don’t want to pay for data usage). However, they are frequently unsecured or utilize passwords that are easy to guess, such as “12345678” or “adminadmin.”
A hacker can easily pick up on any card details you type into Apple Pay while using an unsecured Wi-Fi network.
Don’t change anything in your Apple Pay profile when you’re away from home. Consider using a Virtual Private Network (VPN) to make quick adjustments. Avoid using public networks as much as possible to stay safe.
How to spot an apple pay scam?
Apple Pay scam is difficult to spot, as they often look legitimate. However, there are a few telltale signs:
- Strange web addresses in the email or text message
- Emails that ask you to click on links or provide personal information
- Unsecured Wi-Fi networks
If you’re unsure whether an email is from Apple, you can always contact Apple Support for help.
How to avoid scams and report junk to apple support?
These are just a few of the scams that are circulating Apple Pay. Be vigilant and always be on the lookout for any suspicious emails, texts, or websites. To protect yourself from being scammed, remember these simple tips:
- Never click on a link in an apple fake email or text.
- Don’t provide personal or Payment information in response to an apple fake email or messages, as that is a trick scammers use to perform transactions.
- Forward apple fake emails and texts to Apple at [email protected].
- Use a different device to access your iCloud account if you think it has been compromised.
- If you’re using an iPhone or apple watch, use the “Report Junk” feature in Messages to send apple fake emails and texts to Apple from your apple id.
- Use a VPN if you need to make quick adjustments to your Apple Pay profile or apple wallet while away from home.
- Avoid using public Wi-Fi networks whenever possible because, in most cases, they are easily exploitable, and any other person can intercept your online traffic.
What to do if you were scammed via apple pay?
If you think your apple pay account has been compromised, or if you’ve fallen victim to any scammers involving Apple Pay, take the following steps:
- Contact your bank and credit card company immediately.
- Change your apple id password for all of your online accounts.
- Monitor your credit report and financial statements closely for any unauthorised payment activity.
Apple devices update their security features to protect apple pay users from scams. Be sure to keep your software up-to-date and always be aware of the latest apple pay scam.
How to cancel or dispute a payment?
If you have a payment you need to cancel, then follow the steps below:
- Tap Cancel Payment and then Yes. In the Messages app, open the discussion for the Paymentou you wish to cancel, and select the Payment from the drop-down menu.
- This should have happened automatically if you have already paid and downloaded the apple wallet app. Select your transaction in the Recent or latest transactions list in the wallet.
- If the option is available, select Cancel Payment from the drop-down menu.
- If you have been charged and cannot cancel the Payment, it implies that the person has already accepted the Payment. You can try appealing to the individual or apple support for a refund.
- You may dispute the charge if you cannot cancel your Payment and the recipient does not return your transfer money.
Secure code is an essential element for business growth
Show your customers and supply chain you can manage application risks with secure coding practices.
Can you get your money back on apple pay?
Yes, you can get your money back on Apple Pay if you return the item you purchased or if the merchant issues a refund. When you make a purchase with Apple Pay, the merchant receives your payment information, but Apple does not store it. This means that Apple cannot issue refunds directly. However, if the merchant issues a refund, it will be processed through your payment card issuer and your money will be returned to your account.
How to get money back from apple pay if scammed?
Apple does not offer refunds if you are scammed using apple pay. However, users’ bank and card companies may be able to refund the money that was stolen from the users. Be sure to contact them as soon as possible.
Is apple pay protected like PayPal?
Apple Pay is a more secure payment method than PayPal. Apple has added multiple layers of security, such as Touch ID and Face ID, and other ways to protect your apple pay account from scammers.
Shahrukh, is a passionate cyber security analyst and researcher who loves to write technical blogs on different cyber security topics. He holds a Masters degree in Information Security, an OSCP and has a strong technical skillset in offensive security.