Some recent Apple scams take an evil but clever twist. Rather than asking a user for information or to make a purchase, these scams claim that a user — or a malicious third-party — has already made a purchase.
These scams appear to be official Apple receipts or invoices, and they can be extremely convincing. More often than not, they’ll simply claim that the recipient has made a recent purchase (typically a large one). Of course, since the victim hasn’t bought whatever is on the recipient, they’ll quickly look to cancel or report the fake purchase.
The fake receipt will have a link to cancel if the purchase if it was unauthorized (which, of course, it was).
When clicked, it’ll bring users to a page asking for their name, Apple ID and password, address, birthdate, social security number, and financial information.
Apple users should be aware that the company will never ask for your sensitive information when canceling a purchase. It’s also smart to keep an eye on the sender’s email, as well as the link (you can hover over the “cancel purchase” link to see its true destination).
If there’s even a trace of doubt in your mind, delete the email and contact Apple.