Millions of Apple Pay users are currently being targeted by a sophisticated new wave of phishing attacks that flawlessly clone the tech giant’s official branding, complete with case numbers, professional formatting, and even spoofed sender IDs that look identical to the real thing. But while the messages look like a security lifeline, they are actually a direct pipeline to your bank account, designed to lure you into a con that bypasses even the strongest passwords. Before you tap that link or call the “support” number to save your cash, you need to see the tiny, devilish details that prove it’s a trap.
The latest Apple Pay phishing scam
There is a sneaky new scam hitting Apple users everywhere, and it’s designed to look exactly like a real security warning from the company. It comes in several forms. Some messages claim there’s a blocked Apple Pay transaction, a scheduled appointment, or suspicious activity on your Apple ID. But in every scenario, the scammers warn that a high-value purchase (often costing hundreds of dollars) has been attempted using your account and urge you to call a phone number that, unknown to the victim, is controlled by the fraudsters.
The goal is simple: create a sense of panic and urgency. Victims, fearing significant financial loss, are tricked into calling the provided number, thinking they’re reaching Apple’s support. Instead, they are connected directly to the scammers, who then attempt to steal Apple ID credentials, verification codes, or other sensitive payment information.
This carefully crafted fear tactic makes even cautious users vulnerable to losing both money and personal data. By the time they realize it’s a setup, the cybercriminals have often already used the victims’ information to lock them out of their accounts—or, worse, drain money from their Apple Pay accounts.
Your 5-step shield against Apple Pay fraud
While these phishing attempts are becoming more sophisticated, they always leave behind a trail of clues. By slowing down and looking for these specific inconsistencies, you can protect your financial data and Apple ID from being hijacked. Here are the five best ways to verify an alert and stay secure:
1. Ignore emails or messages asking you to call a number
Apple never sends fraud alerts via email, nor does it ask you to call phone numbers included in messages. If you see anything like this, delete the message immediately. It’s also a good idea to change your account password using a reliable password manager as a precaution.
2. Check the sender’s email address carefully
Even if an email looks official, small typos, unusual domains, or inconsistencies in formatting can indicate a scam. Watch out for greetings like “Hello {Name}” instead of your real name, or phone numbers that don’t match Apple Support’s official contact information.
3. Beware of urgent or threatening language
Cybercriminals rely on a ticking clock to make you bypass your common sense. Legitimate companies, including Apple, will never threaten to lock your account permanently or claim you must “act within minutes” to save your money. Genuine security alerts are informative, not frantic. Scammers use this sense of urgency to make you act before thinking — a classic trick to steal sensitive information.
4. Verify with Apple or your bank directly
If you’re unsure about a message, go to Apple’s official website and contact support directly. Apple can confirm whether there are any issues with your Apple ID, Apple Pay setup, or account activity. Remember, banks automatically cancel suspicious transactions, and they will contact you if action is needed.
5. Check your purchase history yourself
You can verify whether any unusual transactions have occurred by opening the Settings app on your device. Tap your name at the top, go to Media & Purchases > View Account > Purchase History, and review your recent activity to ensure there’s nothing suspicious.
Sources: Apple Insider, TechRadar