It looks real – there’s a case ID, a timestamp, and even a phone number for “Apple Support.” Panic sets in. Did someone just spend $215 on your Apple Pay account in San Diego?
Before you call that number, stop. This isn’t Apple contacting you – it’s a sophisticated phishing and tech support scam designed to steal your money and personal information.
In this guide, we’ll expose how the Unverified Apple Pay Usage Scam really works, how to recognize the warning signs, and what steps to take if you’ve already been tricked.
Scam Overview
The Unverified Apple Pay Usage Scam is a form of phishing and tech support fraud that exploits people’s trust in Apple’s brand security and their fear of unauthorized financial activity.
Scammers send realistic-looking emails pretending to be from Apple’s Security Division, warning of suspicious Apple Pay activity on your account. The message includes transaction details, a case ID, and a phone number to “contact Apple Support.” However, this is all fake.
Let’s look closely at the message victims receive:
Example of the scam email:
Subject: Unverified Apple Pay Usage
We noticed some unusual activity on your Apple ID (Case ID: 5*******9) account and want to ensure your information remains safe.
Details of the activity: Transaction: $215.45 at “Electronic Hub USA” Date/Time: November 9, 2025, at 09:23 AM (PST) Device: iPhone 17 Pro, used in Los Angels, CA
If you recognize this transaction, no action is need If this activity is familiar, no action is required, and the transaction will proceed within 24 hours. If not, contact Apple Support immediately at [phone number] for assistance.
Need Assistance? Apple Support: [phone number] Billing Help: https://getsupport.apple.com/
Thank you for helping keep your account secure. Stay secure, Apple Security Division
At a glance, the message looks convincing — it mimics Apple’s tone and structure. It references real Apple services, includes an Apple-like support link, and mentions an iPhone model and transaction that sound plausible.
But when you look deeper, the red flags start to appear.
Red Flags in the Email
Generic Greeting and Poor Grammar The message doesn’t address you by name, which Apple always does. You’ll also notice slight grammatical errors like “no action is need” — something you’ll never find in an official Apple communication.
Fake Case ID and Transaction Details The inclusion of a “Case ID” and transaction makes the message appear more official. However, Apple doesn’t send case numbers or financial alerts this way. All billing or Apple Pay alerts come through your device notifications or your Apple ID account, never via random emails.
Suspicious Phone Number The phone number in the email is not an Apple number. Scammers rotate different U.S.-based numbers to make it look legitimate. If you search the number online, you’ll often find complaints from victims who were scammed after calling it.
Impersonation of Apple Branding The scammers use phrases like “Apple Security Division”, “Stay Secure”, or “Thank you for helping keep your account secure”. While these sound reassuring, they’re part of a psychological manipulation tactic to establish trust.
Phishing Link and Urgency Including a partial link to “getsupport.apple.com” is deliberate — it makes you think the email is legitimate, even though the actual link (if clickable) would redirect you elsewhere. The “24-hour window” is a psychological trick to make you act without thinking.
The Emotional Manipulation Behind the Scam
This scam is effective because it preys on fear and urgency. Apple Pay is directly connected to users’ bank accounts or credit cards, so any message implying fraudulent charges triggers an immediate reaction.
When someone sees:
“We noticed some unusual activity on your Apple ID… $215.45 at Electronic Hub USA,” it feels real. The exact dollar amount, the timestamp, and the location all combine to make the alert believable.
By creating this sense of panic, scammers make victims call the fake number before verifying through official Apple channels. Once the call is made, the scam escalates rapidly.
Why People Fall for It
Even experienced users fall for this type of scam because:
The email looks visually identical to real Apple emails.
It references real Apple products and services.
It uses a real brand’s formatting, logo, and professional language.
It contains specific dollar amounts and a believable retailer name.
It provides a working phone number — not a link — which feels “safer” to some people.
This combination of realism and fear leads victims straight into the scammers’ trap.
How the Scam Works
The Unverified Apple Pay Usage Scam operates like a typical tech support refund scam, but with a twist: it uses Apple’s reputation to lure victims. Here’s how it usually unfolds from start to finish.
Step 1: The Phishing Email
You receive the fake Unverified Apple Pay Usage email in your inbox. It may appear to come from an address such as security@apple.com, billing@appleidalert.com, or appleid@supportverify.com.
These are spoofed or lookalike domains designed to mimic Apple’s real addresses. The message looks urgent and professional, warning about unauthorized Apple Pay use on your account.
The scammers rely on panic and confusion. You may not even check the sender’s address carefully — the words Apple Pay and unusual activity grab your attention.
Step 2: The Urge to Call Immediately
The email tells you to “contact Apple Support immediately” using the provided number. This is the heart of the scam.
Instead of asking you to click a phishing link (which some users might recognize as dangerous), the scammers use a phone-based social engineering tactic. It feels more personal and trustworthy.
Many people think, “I’m not clicking any links — I’ll just call Apple directly.” Unfortunately, the phone number in the email connects you to the scammer, not Apple.
Step 3: Speaking With the Fake “Apple Support” Agent
When you call, you’re greeted by someone who sounds professional and well-trained. They’ll introduce themselves as “an Apple Security Technician” or “Senior Support Agent from Apple Fraud Division.”
They may even use your name (if they found it via your email address or data breach lists) and reference your fake “Case ID.”
They’ll reassure you that they’re here to help, but claim that your Apple ID or device has been compromised and they need to verify your identity.
Typical dialogue might sound like this:
“Thank you for calling Apple Support. We’ve detected suspicious Apple Pay activity on your account. To secure your account, I’ll need to verify your device and help you remove any malicious files that may have caused this unauthorized transaction.”
Step 4: Requesting Remote Access
Next, the scammer will ask you to install a remote access tool, such as:
AnyDesk
TeamViewer
LogMeIn
Zoho Assist
QuickSupport
They claim this is necessary to “scan for security breaches” or “help verify Apple Pay credentials.”
Once installed, these apps give scammers full remote control over your device. They can see your screen, move your mouse, access your files, and even log into your email or banking apps.
Step 5: The “Refund Process” Deception
After gaining access, the scammer may tell you they’ve found “fraudulent charges” and will process a refund — but to do this, you need to “verify your payment method.”
They’ll ask you to open your banking app, PayPal, or Apple Wallet. While you’re doing this, they may manipulate the screen, use fake pop-ups, or change your browser display to show an exaggerated refund error.
Then they’ll claim something like:
“Oh no, it looks like you entered the wrong amount. Instead of refunding $215, the system refunded $2,150. To fix this, you need to send back the difference immediately so our system can balance it.”
This is a classic refund scam — they never sent you any money, but they make it appear that way using on-screen tricks.
Step 6: The Gift Card Trap
To “return the excess refund,” they’ll instruct you to buy Apple Gift Cards, Target, Walmart, or Google Play Cards worth hundreds or thousands of dollars.
They’ll insist it’s temporary and will be reimbursed once the system verifies your account. Once you give them the codes from the back of the cards, your money is gone.
Gift cards are untraceable, anonymous, and irreversible — which is why scammers love them.
Step 7: Escalation or Extortion
If you hesitate or question them, the scammers may become aggressive or threaten you. They might say:
“Your Apple ID will be permanently locked.”
“Your data will be reported to the FBI for fraudulent use.”
“We can see unauthorized devices accessing your iCloud right now.”
These threats are fake, but they’re designed to create panic. Some scammers will even pretend to transfer you to a “supervisor” to appear more legitimate.
Step 8: Data Theft and Long-Term Damage
While connected to your device, scammers can:
Install malware or keyloggers.
Access stored passwords and two-factor authentication messages.
Browse your photos, notes, and files.
Use your Apple ID to reset linked accounts.
They may also gather enough information to commit identity theft — opening credit cards, loans, or subscriptions in your name.
Step 9: Disappearing After the Scam
Once the scammers get what they want (money, gift cards, or personal data), they’ll cut communication abruptly.
If you try to call the number again, it may already be disconnected. These scammers constantly rotate phone numbers to avoid detection and reporting.
Victims often realize the scam only after contacting the real Apple Support, by which time the money is gone.
What to Do If You Have Fallen Victim to This Scam
If you’ve already called the number, given access to your device, or shared payment details, act immediately. Here’s exactly what to do step-by-step.
1. Disconnect the Scammer Immediately
If you’re currently on a call or remote session, hang up and disconnect internet access (Wi-Fi or mobile data) immediately. Then uninstall any remote access tools like AnyDesk or TeamViewer from your device.
2. Change Your Apple ID Password
Go to appleid.apple.com and change your password immediately. Use a strong, unique password that you haven’t used elsewhere. Also, enable two-factor authentication if it’s not already active.
3. Revoke Access to Unknown Devices
On the same Apple ID page, review all devices linked to your account. If you see any device you don’t recognize, remove it and sign out remotely.
4. Scan Your Device for Malware
If you gave remote access, scammers may have installed malicious software. Use a trusted antivirus or antimalware program to perform a full system scan. For iPhones, check for suspicious configuration profiles under Settings → General → VPN & Device Management.
5. Contact Your Bank or Credit Card Provider
If you entered payment details, call your bank immediately. Explain that you were a victim of a tech support scam and request:
A block on unauthorized transactions.
Reissuance of your debit/credit card.
A review of recent activity for suspicious charges.
6. Report the Scam to Apple
Visit reportphishing@apple.com and forward the scam email as an attachment. You can also report phone scams through reportaproblem.apple.com.
7. File a Report with the FTC (U.S. Residents)
In the United States, report the incident to the Federal Trade Commission (FTC) at reportfraud.ftc.gov. This helps track phone-based fraud and prevent further cases.
8. Report the Phone Number
Search the number you called on sites like 800notes.com or WhoCallsMe and leave a report. You can also report the number to FCC.gov/complaints to help investigators block future scams.
9. Check for Identity Theft
If you shared personal information like your SSN, address, or date of birth, visit identitytheft.gov to begin a recovery plan. Place a fraud alert on your credit reports through Experian, Equifax, or TransUnion.
10. Educate and Warn Others
Many victims feel embarrassed, but sharing your experience can prevent others from falling for the same scam. Post a warning on social media, community forums, or local news comment sections.
Is Your Device Infected? Scan for Malware
If your computer or phone is slow, showing unwanted pop-ups, or acting strangely, malware could be the cause. Running a scan with Malwarebytes Anti-Malware Free is one of the most reliable ways to detect and remove harmful software. The free version can identify and clean common infections such as adware, browser hijackers, trojans, and other unwanted programs.
Malwarebytes works on Windows, Mac, and Android devices. Choose your operating system below and follow the steps to scan your device and remove any malware that might be slowing it down.
Malwarebytes for WindowsMalwarebytes for MacMalwarebytes for Android
Run a Malware Scan with Malwarebytes for Windows
Malwarebytes stands out as one of the leading and widely-used anti-malware solutions for Windows, and for good reason. It effectively eradicates various types of malware that other programs often overlook, all at no cost to you. When it comes to disinfecting an infected device, Malwarebytes has consistently been a free and indispensable tool in the battle against malware. We highly recommend it for maintaining a clean and secure system.
Download Malwarebytes
Download the latest version of Malwarebytes for Windows using the official link below. Malwarebytes will scan your computer and remove adware, browser hijackers, and other malicious software for free.
(The above link will open a new page from where you can download Malwarebytes)
Install Malwarebytes
After the download is complete, locate the MBSetup file, typically found in your Downloads folder. Double-click on the MBSetup file to begin the installation of Malwarebytes on your computer. If a User Account Control pop-up appears, click “Yes” to continue the Malwarebytes installation.
Follow the On-Screen Prompts to Install Malwarebytes
When the Malwarebytes installation begins, the setup wizard will guide you through the process.
You’ll first be prompted to choose the type of computer you’re installing the program on—select either “Personal Computer” or “Work Computer” as appropriate, then click on Next.
Malwarebytes will now begin the installation process on your device.
When the Malwarebytes installation is complete, the program will automatically open to the “Welcome to Malwarebytes” screen.
On the final screen, simply click on the Open Malwarebytes option to start the program.
Enable “Rootkit scanning”.
Malwarebytes Anti-Malware will now start, and you will see the main screen as shown below. To maximize Malwarebytes’ ability to detect malware and unwanted programs, we need to enable rootkit scanning. Click on the “Settings” gear icon located on the left of the screen to access the general settings section.
In the settings menu, enable the “Scan for rootkits” option by clicking the toggle switch until it turns blue.
Now that you have enabled rootkit scanning, click on the “Dashboard” button in the left pane to get back to the main screen.
Perform a Scan with Malwarebytes.
To start a scan, click the Scan button. Malwarebytes will automatically update its antivirus database and begin scanning your computer for malicious programs.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now scan your computer for browser hijackers and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check the status of the scan to see when it is finished.
Quarantine detected malware
Once the Malwarebytes scan is complete, it will display a list of detected malware, adware, and potentially unwanted programs. To effectively remove these threats, click the “Quarantine” button.
Malwarebytes will now delete all of the files and registry keys and add them to the program’s quarantine.
Restart your computer.
When removing files, Malwarebytes may require a reboot to fully eliminate some threats. If you see a message indicating that a reboot is needed, please allow it. Once your computer has restarted and you are logged back in, you can continue with the remaining steps.
Once the scan completes, remove all detected threats. Your Windows computer should now be clean and running smoothly again, free of trojans, adware, and other malware.
If your current antivirus allowed this malicious program on your computer, you may want to consider purchasing Malwarebytes Premium to protect against these types of threats in the future. If you are still having problems with your computer after completing these instructions, then please follow one of the steps:
Malwarebytes for Mac is an on-demand scanner that can destroy many types of malware that other software tends to miss without costing you absolutely anything. When it comes to cleaning up an infected device, Malwarebytes has always been free, and we recommend it as an essential tool in the fight against malware.
Download Malwarebytes for Mac.
You can download Malwarebytes for Mac by clicking the link below.
When Malwarebytes has finished downloading, double-click on the setup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.
Follow the on-screen prompts to install Malwarebytes.
When the Malwarebytes installation begins, you will see the Malwarebytes for Mac Installer which will guide you through the installation process. Click “Continue“, then keep following the prompts to continue with the installation process.
When your Malwarebytes installation completes, the program opens to the Welcome to Malwarebytes screen. Click the “Get started” button.
Select “Personal Computer” or “Work Computer”.
The Malwarebytes Welcome screen will first ask you what type of computer are you installing this program, click either Personal Computer or Work Computer.
Click on “Scan”.
To scan your computer with Malwarebytes, click on the “Scan” button. Malwarebytes for Mac will automatically update the antivirus database and start scanning your computer for malware.
Wait for the Malwarebytes scan to complete.
Malwarebytes will scan your computer for adware, browser hijackers, and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Quarantine”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malware that Malwarebytes has found, click on the “Quarantine” button.
Restart computer.
Malwarebytes will now remove all the malicious files that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.
After scanning, delete any detected threats. Your Mac should now be free from adware, unwanted extensions, and other potentially harmful software.
If your current antivirus allowed a malicious program on your computer, you might want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future. If you are still experiencing problems while trying to remove a malicious program from your computer, please ask for help in our Mac Malware Removal Help & Support forum.
Run a Malware Scan with Malwarebytes for Android
Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.
Download Malwarebytes for Android.
You can download Malwarebytes for Android by clicking the link below.
In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.
When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
Follow the on-screen prompts to complete the setup process
When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options. This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue. Tap on “Got it” to proceed to the next step. Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue. Tap on “Allow” to permit Malwarebytes to access the files on your phone.
Update database and run a scan with Malwarebytes for Android
You will now be prompted to update the Malwarebytes database and run a full system scan.
Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Remove Selected”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
Restart your phone.
Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.
When the scan is finished, remove all detected threats. Your Android phone should now be free of malicious apps, adware, and unwanted browser redirects.
If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future. If you are still having problems with your phone after completing these instructions, then please follow one of the steps:
Restore your phone to factory settings by going to Settings > General management > Reset > Factory data reset.
After cleaning your device, it’s important to protect it from future infections and annoying pop-ups. We recommend installing an ad blocker such as AdGuard. AdGuard blocks malicious ads, prevents phishing attempts, and stops dangerous redirects, helping you stay safe while browsing online.
How to Spot and Avoid Apple Phishing Scams in the Future
1. Verify Sender Domains
Official Apple emails always come from @apple.com addresses — not @icloudsupport.com, @appleidverify.net, or @securitydivision.com.
2. Never Call Numbers in Emails
Apple never includes direct phone numbers in billing or fraud notifications. Always use official contact options on support.apple.com.
3. Check for Spelling or Grammar Errors
Apple’s communications are meticulously proofread. Any typos or odd phrasing are a clear red flag.
4. Avoid Clicking Links in Emails
Instead of clicking links, open Safari or your Apple device’s settings and check for real alerts there.
This extra layer of security helps prevent unauthorized sign-ins even if your password is compromised.
7. Keep Software Updated
iOS updates often include security patches that prevent remote access or malicious app installations.
Real Victim Stories
Reports across Apple Support Communities and consumer protection boards reveal how widespread this scam has become.
One victim wrote:
“I received an email about an Apple Pay charge in San Diego — I live in Ohio. I called the number and they sounded so professional. They told me my phone was infected and asked me to install AnyDesk. I watched them move my cursor around, then they told me to log into my bank. That’s when I realized it was a scam.”
Another wrote:
“They claimed they refunded $2,100 by mistake and asked me to buy $500 Apple gift cards to return it. I lost $1,000 before I understood what was happening.”
These real stories highlight how sophisticated these scammers are — they sound legitimate, act confident, and even use Apple terminology like “Secure Enclave,” “iCloud authorization,” and “Apple Payment Gateway.”
Why Scammers Use Apple’s Name
Apple is one of the most trusted technology brands in the world, with over 1.5 billion active devices. This makes it an ideal target for scammers because:
People trust Apple communications without hesitation.
Millions use Apple Pay and are worried about unauthorized charges.
Apple devices store sensitive personal and financial information.
By impersonating Apple, scammers exploit that trust to make victims act quickly without verifying.
This kind of brand impersonation phishing isn’t unique to Apple — similar scams exist for Amazon, PayPal, Netflix, and Microsoft — but Apple scams stand out for their realism and the financial damage they can cause.
The Bottom Line
The Unverified Apple Pay Usage Scam is a dangerous but preventable scheme that preys on fear, trust, and urgency. It looks authentic, uses real Apple terminology, and even lists realistic transaction details — but it’s nothing more than a sophisticated con.
Remember:
Apple will never send you an email like this or include phone numbers for urgent contact.
Apple will never ask for remote access, bank details, or gift cards.
Always verify directly through Settings → Apple ID → Payment & Shipping or support.apple.com.
If you’ve already fallen victim, don’t panic — act fast, follow the recovery steps above, and report the incident to Apple, your bank, and the FTC.
The best defense is awareness. By understanding how this scam works, you can help protect yourself — and others — from becoming the next target of this growing Apple Pay phishing operation.
Frequently Asked Questions
What is the “Unverified Apple Pay Usage” scam?
The “Unverified Apple Pay Usage” scam is a phishing and tech support fraud that pretends to be an official Apple security alert. Victims receive an email claiming that someone used their Apple ID or Apple Pay account for an unauthorized transaction, usually showing details such as a case ID, location, and dollar amount. The message includes a fake Apple Support number to call. Once you call, scammers posing as Apple technicians try to gain remote access to your device, steal personal or banking information, or convince you to buy gift cards and share the codes. The email has nothing to do with Apple and is designed to cause panic so you act quickly without verifying.
How does the Unverified Apple Pay Usage scam work?
This scam begins with a fake security alert email that looks like it came from Apple. It tells you that unusual Apple Pay activity was detected and urges you to call a support number immediately. When you call, you’re connected to scammers pretending to be Apple Support agents. They use social engineering tactics to convince you that your account or device is compromised and that they need to connect remotely using tools like AnyDesk or TeamViewer. Once they gain access, they may request your banking credentials or trick you into buying gift cards to “reverse a mistaken refund.” Their real goal is to steal money or sensitive information. Apple never asks users to provide remote access or pay for security assistance.
How can I tell if an Apple Pay security email is fake?
Fake Apple Pay emails often look legitimate but contain subtle red flags.
Generic greeting: Apple always addresses you by your name. Scam emails start with “Dear Customer” or no name at all.
Typos and awkward language: Real Apple messages are professionally written and grammatically correct.
Urgency and fear: Phrases like “Your account will be locked in 24 hours” are meant to rush you.
Suspicious phone numbers: Apple never includes phone numbers in alert emails.
Spoofed sender address: The email might come from a domain like @appleidverify.com or @security-apple.com instead of @apple.com.
Phishing links: Some include fake links to sites that mimic Apple’s support page. Always type support.apple.com directly into your browser rather than clicking email links.
What should I do if I receive an “Unverified Apple Pay Usage” email?
If you receive such an email, do not call the number or click any links. Delete the message immediately. Then forward it to reportphishing@apple.com so Apple can investigate. You can also report the scam to the FTC at reportfraud.ftc.gov. If you want to double-check your Apple Pay transactions, open your Wallet app or sign in directly at appleid.apple.com — never from an email link. Legitimate transactions will appear there, not in random emails.
What happens if I call the number in the scam email?
If you call the number, you’ll reach scammers pretending to be Apple Support. They’ll sound professional and may reference your “case number” or “suspicious activity.” They’ll try to make you install a remote access app like AnyDesk or TeamViewer under the pretext of “checking your security.” Once connected, they can see everything on your screen, steal data, or ask you to log into your bank so they can fake a refund. They often use tricks to make it appear you received extra money, then demand you buy gift cards to “return the overpayment.” Once you give them the codes, the money is gone permanently.
What should I do if I already fell for this Apple Pay scam?
If you’ve already called the number or given remote access, take immediate action:
Disconnect your device from the internet.
Uninstall any remote access apps you installed at their request.
Change your Apple ID password at appleid.apple.com and enable two-factor authentication.
Check your Apple ID devices and sign out of any you don’t recognize.
Contact your bank or credit card provider to block unauthorized transactions and issue new cards.
Run a malware scan if you use a computer or phone they accessed remotely.
Report the scam to Apple, your bank, and the Federal Trade Commission. The faster you act, the better your chances of preventing financial loss or identity theft.
Can Apple Pay accounts actually be hacked this way?
No. The scammers do not hack Apple’s servers or Apple Pay systems. They rely on social engineering — tricking you into giving them access or revealing information voluntarily. Apple Pay uses tokenization and hardware-based security (the Secure Enclave), making it extremely difficult to hack directly. However, if scammers gain control of your Apple ID or device, they can misuse your linked payment methods. That’s why never sharing passwords, verification codes, or remote access is critical to staying safe.
How can I confirm if an Apple Pay transaction is real?
To confirm whether a charge is real, go to your Wallet app on your iPhone or visit appleid.apple.com and review your payment history. You can also check your bank or card statement directly. If the transaction doesn’t appear there, it’s fake. Apple never asks users to confirm or cancel transactions through email or phone calls — everything related to Apple Pay happens inside your Apple device or through verified Apple channels.
Why do scammers use Apple’s name?
Apple is one of the world’s most trusted brands, so impersonating it gives scammers instant credibility. Millions of people use Apple Pay and Apple IDs for purchases and subscriptions. By pretending to be Apple Security, scammers exploit that trust and fear of losing money. It’s a form of brand impersonation fraud, which has become one of the most common phishing tactics in 2025. Similar scams also impersonate Amazon, PayPal, Netflix, and Microsoft, but Apple scams tend to generate higher success rates because users are deeply connected to their Apple accounts.
What should I do if scammers took my money or gift card codes?
If you’ve sent money or shared gift card codes, act fast:
Call your bank immediately to report fraud and block further charges.
If you used Apple Gift Cards, contact Apple Support to report the theft. Although Apple usually cannot refund redeemed cards, they may flag the codes to prevent reuse.
Report the incident to the FTC (reportfraud.ftc.gov) and your local authorities.
If you shared personal data (like SSN or ID), visit identitytheft.gov to protect yourself against identity theft. Speed is essential — the sooner you report it, the better your chances of limiting the damage.
How can I protect myself from future Apple scams?
Follow these key steps to avoid becoming a victim again:
Only use official Apple channels like support.apple.com or the Apple Support app.
Never call numbers listed in unsolicited emails or texts.
Enable two-factor authentication on your Apple ID.
Keep your software updated to block known vulnerabilities.
Use unique passwords for your Apple ID and bank accounts.
Ignore urgent threats like “24-hour account suspension.” Apple never pressures users with deadlines.
Educate family members, especially older relatives who are common targets of tech support scams.
Where can I report fake Apple emails or phone numbers?
You can forward any suspicious email to reportphishing@apple.com. For messages or phone calls, take screenshots and report them through reportfraud.ftc.gov (for U.S. residents). You can also submit a complaint to the Federal Communications Commission (FCC) if a phone number is being used for scam calls. Posting the number on sites like 800notes.com or WhoCallsMe helps others identify the same fraud. Apple also maintains an official guide on reporting phishing attempts at https://support.apple.com/en-us/HT204759.
Is there any legitimate situation where Apple Support would call me?
Apple Support only calls customers if you have requested a call through Apple’s official website or app. Even then, Apple never asks for remote access, passwords, gift cards, or payment verification codes. If someone calls claiming to be Apple and you didn’t initiate the call, it’s a scam. Hang up immediately and call Apple directly through 1-800-MY-APPLE (1-800-692-7753) if you’re unsure.
What’s the difference between a phishing email and a tech support scam?
A phishing email tries to get you to click a malicious link or enter your login credentials on a fake website. A tech support scam typically persuades you to call a fake number, allowing criminals to manipulate you in real time. The Unverified Apple Pay Usage scam combines both: it begins as a phishing email and escalates into a live tech support fraud once you call the number. This hybrid approach makes it particularly dangerous and convincing.
Thomas is an expert at uncovering scams and providing in-depth reporting on cyber threats and online fraud. As an editor, he is dedicated to keeping readers informed on the latest developments in cybersecurity and tech.
