Maybe you are halfway through a workday, waiting in a school parking lot, or just about to fall asleep. Your phone buzzes, and there it is: a “Security Advisory” claiming suspicious activity on your Apple ID, a charge of $143.95, and a warning that someone tried to set up Apple Pay. It reads like a calm, official notification. It even includes real Apple phrasing and a real Apple Support link.
Then it gives you the one thing the scammers actually care about: a phone number to call “immediately.”
That single detail, the push to call right now, is where the story changes. Because this is not Apple trying to protect you. It is a carefully staged tech support scam, built to turn your worry into urgency, and your urgency into access.
Scam Overview
The “Unauthorized Apple ID Activity” scam text is a modern twist on an old con: fake support, fake danger, and a fake solution that requires you to hand over control.
At first glance, the message feels credible because it borrows the language people associate with Apple and payment security. It references Apple Pay, a specific dollar amount, and even includes the official Apple billing support page link. It may also mention forwarding suspicious messages to reportphishing@apple.com, which is a real Apple reporting address.
That is the hook. The rest is theater.
What the scam message typically looks like
One common variant looks like this:
“Security Advisory” or “Apple Security Alert”
“Unauthorized Apple ID Activity Possible”
A specific “Activity Logged” section, often including:
An amount like $143.95
A location like “Apple Store (CA)”
A suspicious action, such as “Apple Pay setup initiation”
A clear instruction to call a phone number right away
“Support Resources” that appear official, sometimes mixing real Apple links with scam contact details
A reassuring line like “Apple will never request sensitive account credentials,” which is included to disarm your skepticism, not to protect you
If you have ever thought, “Why would a scammer warn me that scams exist?” the answer is simple: it increases trust. It makes the message feel balanced and legitimate, like it was written by a security team. Meanwhile, it still funnels you toward the scam phone number.
Why this scam works so well
This scam succeeds because it attacks a very specific fear: losing control of your Apple identity.
For many people, an Apple ID is not just a login. It is photos, iCloud backups, contacts, messages, subscriptions, device tracking, saved payment methods, and sometimes business access. Even if you do not use Apple Pay often, the idea that someone is trying to add a card or set up Apple Pay hits a nerve. It suggests a bigger compromise.
The scammers know that, and they lean into it.
They choose details that feel plausible but hard to verify in the moment:
A mid-range amount, not $9.99 and not $9,999
A generic store label and state abbreviation
A “setup initiation” instead of a confirmed purchase, which implies it is still preventable if you act quickly
Then they add time pressure.
“Contact immediately.”
That word is doing a lot of work. It pushes you away from calm verification and toward fast action. And fast action is where mistakes happen.
The core lie: Apple is not behind the alert
Apple does not send security alerts that instruct you to call a random phone number in a text message to resolve “Apple ID activity.” Apple will not route account security through an unsolicited inbound call to a number that appeared in an SMS.
Real Apple account security flows through:
Your device settings
Official Apple websites and apps
Verified Apple Support channels that you initiate yourself, not from a link or number embedded in a scary message
This is the key point: the scam is not primarily about the $143.95. The “charge” is often fake, or it is used as a prop to get you on the phone. The phone call is where the scam becomes dangerous.
What happens if you call the number
Once you call, you reach a fake support center. The person who answers may sound professional, patient, and confident. They might introduce themselves with a common American name, claim they are from “Apple ID & Billing,” and immediately “pull up” your account based on your phone number.
They will usually do some combination of these things:
Claim your Apple ID has been “flagged” for suspicious activity
Say your device is “compromised” or “infected”
Insist the threat is active, ongoing, and time-sensitive
Offer a “secure verification” process that is designed to extract information from you
This is where the scam splits into a few well-worn paths.
The remote access play: turning your phone or computer into their tool
Many versions of this scam involve remote access software.
The “support agent” will tell you they need to “secure” the device, “stop the transfer,” or “reverse the charge.” They may ask you to install a remote access app such as AnyDesk, TeamViewer, or another screen-sharing tool. On a computer, they may guide you to a website to download remote support software. On a phone, they may push you to enable screen sharing, accessibility permissions, or device management profiles.
They frame it as normal support.
It is not.
Once they can see your screen, they can:
Watch you log into banking apps or email
Read verification codes you receive
Guide you to settings pages where they can disable protections
Convince you to “confirm” actions that actually authorize payments or transfers
Collect personal details shown on your screen, including addresses, account numbers, or saved passwords
The most dangerous part is psychological: people relax once “support” is watching, because it feels like help has arrived. Scammers exploit that moment to take over the pace of the interaction.
The refund story: a script that turns into theft
Another common path is the fake refund scenario.
They may claim you were charged, or that a charge is pending, and that they will “process a refund.” Then they create a situation where it looks like they refunded too much, or where your banking screen “shows” an accidental overpayment. Sometimes they use simple deception. Sometimes they manipulate what you see by having you type numbers into forms, open a command window, or view a page that is not your bank at all.
Then comes the pressure:
“We need you to return the overpayment today.”
“This is a compliance issue.”
“If you do not fix it, your account could be frozen.”
The goal is to get you to send money out, quickly, in a way that is hard to reverse.
The gift card demand: the biggest red flag in the entire scam
If the call turns toward gift cards, you are no longer in the “maybe” zone.
Scammers often ask victims to buy gift cards and read the codes to them over the phone, or to send photos of the codes. They may request Apple Gift Cards, but also commonly ask for other brands because those are widely available and resellable.
They will say things like:
“This is a secure verification method.”
“Gift cards are used to authenticate your identity.”
“We need to lock your Apple ID with a security voucher.”
None of that is real.
No legitimate company uses gift cards as a security method. Gift cards are a one-way transfer. That is exactly why scammers love them.
Why the text includes real Apple links
This part confuses people, and it is worth spelling out clearly.
A scam message can contain a real Apple link and still be a scam.
Including an official link is a trust prop. It lowers your guard. It makes the whole message feel like it came from Apple’s ecosystem. It also reduces the chance that spam filters catch it, because it is not linking to an obvious malicious domain.
But notice the structure: the link is there, and the phone number is there.
The scammers want you to call, not click.
Even if you open the official Apple billing page, your problem is not solved. The fear is still there, and the scam text has already told you the “fastest” way to fix it is to call. Many people end up calling anyway, because the official page does not show a clear “stop this $143.95 charge” button.
That gap between fear and clarity is where scammers thrive.
Common red flags to look for
These scam texts tend to share a pattern. If you spot even one of these, slow down:
A demand to call a phone number that appeared in a text
Urgent language that pushes immediate action
A specific dollar amount paired with vague details
Claims about device infection tied to Apple ID activity
Instructions to install remote access software
Any mention of gift cards, crypto, wire transfers, or “security vouchers”
A “support” person who stays on the line while you log in to accounts, buy cards, or move money
Who is targeted
Anyone can receive these messages, but scammers often aim for:
People who use iPhones, iPads, or Macs regularly
People who have payment methods saved on their Apple ID
People who have had recent legitimate subscription charges, making a new charge feel plausible
People who are busy, distracted, or tired, because urgency works best when attention is low
The scam is not about technical sophistication. It is about timing and pressure.
What the scammers ultimately want
The end goal is simple: money.
They may take it in different ways:
Direct bank transfers or instant payment apps
Gift card codes
Access to online banking and financial accounts
Identity details that enable future fraud
Apple ID control that can be used for further extortion, lockouts, or resale of accounts
And they often try to get more than once. If they succeed even partially, they may mark you as responsive and target you again with different scripts.
How the Scam Works
Below is the typical flow, broken into a clear step-by-step sequence. Not every case includes every step, but the structure is remarkably consistent.
1) The hook arrives, a believable warning with a specific number
The message is engineered to feel “just real enough.”
It mentions Apple ID, “security advisory,” and a suspicious Apple Pay action. It includes a charge amount like $143.95 that feels painful but not absurd. It may reference a location like “Apple Store (CA)” that sounds official without being easily verifiable.
Then it gives you the action step the scammers want: call this number.
This is important: the phone number is not customer service. It is the trap door into the scam.
Here is how the scam text might look:
Security Advisory — Unauthorized Apple ID Activity Possible
Dear Customer,
We are notifying you that activity involving your Apple ID has triggered a security alert. Please verify the event detailed below to ensure your account’s integrity.
Activity Logged:
• Amount: $143.95
• Store: Apple Store (CA)
• Attempted Operation: Apple Pay setup initiation
If you did not authorize this operation, contact +18776812703 immediately.
Apple will never request sensitive account credentials or full payment data via email or phone. Suspicious messages should be forwarded to reportphishing@apple.com
2) You call, and they immediately create certainty
On the phone, the scammer does not sound unsure.
They will usually speak like someone following a process:
“I see the flagged activity.”
“Your Apple ID is currently under review.”
“There was an attempted Apple Pay setup.”
“This could indicate device compromise.”
They may ask a few questions that feel like verification but are really data collection:
Your full name
Your email address
Your device model
Whether you have Apple Pay enabled
Whether your bank is “Chase,” “Bank of America,” or another major institution
Even if you do not answer everything, they can keep the call moving. Their goal is not perfect identity verification. Their goal is momentum.
3) They raise the stakes, turning a simple alert into a full-blown emergency
Now they add fear.
The script usually escalates quickly:
“Someone has access to your iCloud.”
“Your device might be infected.”
“Your Apple Pay wallet is being added to another device.”
“If we do not stop this, you may see additional charges.”
This step is psychological. It turns your brain from checking to reacting.
You might start thinking about photos, messages, family backups, saved cards. The scammer wants you to imagine losing control, because that makes you more willing to follow instructions.
4) They push you away from calm verification and toward “guided resolution”
A calm person might hang up and check their Apple ID settings, their bank app, or Apple’s official support channels.
The scammer tries to prevent that.
They may say:
“Do not contact your bank yet, it can interfere with the investigation.”
“Do not reset anything until we secure the device.”
“Stay on the line so we can walk you through it safely.”
The purpose is control. If you stay on the line, you are in their environment, following their pacing.
5) The remote access setup, the moment the scam turns dangerous
This is often the critical turning point.
The scammer tells you they need to “run a security check” or “secure your device.” Then they guide you to install remote access software or enable screen sharing.
They may frame it as normal practice:
“Apple uses secure remote support tools.”
“This is encrypted.”
“I will only view the screen.”
In reality, remote access is how they turn your device into their window.
Once they can see what you see, they can coach you through actions that benefit them:
Opening banking apps
Logging into email, which is where password resets and verification codes land
Accessing your Apple ID settings
Approving prompts that you think are “security confirmations”
Even if they claim they “cannot control” your device, watching your screen is often enough. People read codes out loud. People click what they are told. People reveal far more than they realize.
6) The “proof” step, fake evidence that convinces you the threat is real
Many scammers use simple tricks to “prove” they are right:
They point to normal device logs and call them “malware.”
They show you routine network activity and label it “hacking.”
They use intimidating language like “breach,” “compromised,” “encryption key,” or “dark web exposure.”
Sometimes they will send you a follow-up message or email while on the call, to simulate official documentation.
The goal is not technical truth. The goal is emotional certainty.
If they can make you believe the situation is real, the next requests feel reasonable.
7) The money extraction, usually framed as protection, reversal, or verification
At this stage, different scripts lead to the same outcome: you send value to them.
Common approaches include:
The gift card route
“Buy Apple Gift Cards to secure your account.”
“This is a verification token.”
“Read the codes to me so I can apply them.”
The bank transfer route
“Move your money to a safe account temporarily.”
“We need to isolate funds from the compromised account.”
The refund route
“We will reverse the $143.95.”
“Oh no, the system refunded $1,439.50 by mistake.”
“You must return the difference immediately.”
The scammer creates urgency and adds consequences:
“If you do not do this today, your account could be locked.”
“This is recorded for compliance.”
“You could be held responsible for the charges.”
It is all pressure. None of it is real.
8) The cleanup phase, where they try to cover tracks and keep access
If they have gained anything of value, access, information, or money, they often try to protect their advantage.
They may instruct you to:
Delete texts or call logs
Avoid talking to your bank or Apple “until the case is closed”
Keep the remote app installed “in case we need to monitor”
Disable alerts or notifications that might reveal new activity
This step is about reducing the chance you catch on quickly, and increasing the chance they can strike again.
Sometimes a second scammer will call later, pretending to be “Apple escalation” or “the bank fraud department,” especially if you pushed back the first time. If you engaged once, they may treat you as a promising lead.
What To Do If You Fell Victim
If you called the number, shared information, installed remote access software, or sent money, take a breath. You are not the only person this has happened to, and you can still do a lot to limit the damage.
Work through the steps below in order. You do not have to do everything perfectly, but do not delay.
End contact immediately and stop following instructions Hang up. Do not negotiate, do not argue, do not “finish the process.” The longer you stay engaged, the more chances they have to extract something else.
If you installed AnyDesk or any remote access app, remove it and revoke permissions On a computer, uninstall the remote access tool. On a phone, delete the app, and check for any extra permissions or profiles that could keep access alive.
On iPhone/iPad: check Settings, then look for VPN & Device Management (if present) and remove anything you do not recognize.
Also review Settings > Privacy & Security for anything that looks unusual.
Secure your Apple ID right away Go to your Apple ID settings directly, not through a link in the scam message.
Change your Apple ID password to a strong, unique one.
Review your trusted devices and remove any you do not recognize.
Check your account security settings and make sure two-factor authentication is enabled.
Review payment methods on your Apple account and remove anything suspicious.
If you are worried someone saw your screen, assume they may have seen verification codes or emails.
Lock down your email account, because it is the key to everything Most account takeovers happen through email, not through fancy hacking.
Change your email password.
Turn on two-factor authentication for your email.
Review forwarding rules and filters, scammers sometimes add hidden forwarding to keep receiving your mail.
Check recent login activity and sign out of other sessions.
Call your bank or card issuer and treat this as fraud If you shared card details, logged into your bank while they watched, sent a transfer, or bought gift cards, call your bank’s fraud department.
Ask about:
Stopping or reversing transfers if possible
Disputing unauthorized charges
Issuing a new card number
Placing extra verification on your account
Monitoring for new payees or unusual withdrawals
If you gave them enough information, consider asking about a temporary freeze on certain transaction types.
If you bought gift cards, act fast, even if it feels embarrassing Contact the gift card issuer immediately and report the codes as stolen. Some companies can sometimes freeze remaining value, but it depends on how quickly the code was redeemed. Keep receipts, card numbers, and any proof of purchase.
Do not assume “it is gone anyway.” Speed matters here.
Run a reputable security scan and clean up adware and riskware If you used a computer during the call, or installed anything, scan the device.
Install and run Malwarebytes to check for malware, unwanted programs, and potentially risky software.
If you are dealing with constant pop-ups, fake alerts, or redirect-heavy browsing, consider adding AdGuard to block malicious ads and known scam domains. This can reduce exposure to the kind of pages and scripts scammers rely on.
These tools are not about shame. They are about regaining control and preventing repeat attacks.
Document everything while it is fresh Write down:
The phone number you called
The date and time
What you were asked to do
Any accounts you accessed while on the call
Any payments, transfers, or gift card purchases
Screenshots of the scam text
This helps your bank, helps Apple if you report it, and helps you keep your own story straight when stress makes details fuzzy.
Report the scam through the right channels Forward the scam message to Apple’s phishing reporting address if it is included in the text you received, and report the number as spam in your messaging app.
Depending on your country, you can also report to consumer protection or cybercrime reporting channels. If money was stolen, filing a report can sometimes help with disputes and documentation, even if recovery is uncertain.
Watch for follow-up scams, because they often come in waves After an incident, people often get a second call claiming to be:
Apple “senior support”
The bank “fraud team”
A “recovery service” that can get your money back
Be cautious. Legitimate organizations do not require secrecy, gift cards, or remote access to “recover funds.”
If you are unsure, hang up and call the organization back using a number from the official website or the back of your card.
Is Your Device Infected? Scan for Malware
If your computer or phone is slow, showing unwanted pop-ups, or acting strangely, malware could be the cause. Running a scan with Malwarebytes Anti-Malware Free is one of the most reliable ways to detect and remove harmful software. The free version can identify and clean common infections such as adware, browser hijackers, trojans, and other unwanted programs.
Malwarebytes works on Windows, Mac, and Android devices. Choose your operating system below and follow the steps to scan your device and remove any malware that might be slowing it down.
Malwarebytes for WindowsMalwarebytes for MacMalwarebytes for Android
Run a Malware Scan with Malwarebytes for Windows
Malwarebytes stands out as one of the leading and widely-used anti-malware solutions for Windows, and for good reason. It effectively eradicates various types of malware that other programs often overlook, all at no cost to you. When it comes to disinfecting an infected device, Malwarebytes has consistently been a free and indispensable tool in the battle against malware. We highly recommend it for maintaining a clean and secure system.
Download Malwarebytes
Download the latest version of Malwarebytes for Windows using the official link below. Malwarebytes will scan your computer and remove adware, browser hijackers, and other malicious software for free.
(The above link will open a new page from where you can download Malwarebytes)
Install Malwarebytes
After the download is complete, locate the MBSetup file, typically found in your Downloads folder. Double-click on the MBSetup file to begin the installation of Malwarebytes on your computer. If a User Account Control pop-up appears, click “Yes” to continue the Malwarebytes installation.
Follow the On-Screen Prompts to Install Malwarebytes
When the Malwarebytes installation begins, the setup wizard will guide you through the process.
You’ll first be prompted to choose the type of computer you’re installing the program on—select either “Personal Computer” or “Work Computer” as appropriate, then click on Next.
Malwarebytes will now begin the installation process on your device.
When the Malwarebytes installation is complete, the program will automatically open to the “Welcome to Malwarebytes” screen.
On the final screen, simply click on the Open Malwarebytes option to start the program.
Enable “Rootkit scanning”.
Malwarebytes Anti-Malware will now start, and you will see the main screen as shown below. To maximize Malwarebytes’ ability to detect malware and unwanted programs, we need to enable rootkit scanning. Click on the “Settings” gear icon located on the left of the screen to access the general settings section.
In the settings menu, enable the “Scan for rootkits” option by clicking the toggle switch until it turns blue.
Now that you have enabled rootkit scanning, click on the “Dashboard” button in the left pane to get back to the main screen.
Perform a Scan with Malwarebytes.
To start a scan, click the Scan button. Malwarebytes will automatically update its antivirus database and begin scanning your computer for malicious programs.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now scan your computer for browser hijackers and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check the status of the scan to see when it is finished.
Quarantine detected malware
Once the Malwarebytes scan is complete, it will display a list of detected malware, adware, and potentially unwanted programs. To effectively remove these threats, click the “Quarantine” button.
Malwarebytes will now delete all of the files and registry keys and add them to the program’s quarantine.
Restart your computer.
When removing files, Malwarebytes may require a reboot to fully eliminate some threats. If you see a message indicating that a reboot is needed, please allow it. Once your computer has restarted and you are logged back in, you can continue with the remaining steps.
Once the scan completes, remove all detected threats. Your Windows computer should now be clean and running smoothly again, free of trojans, adware, and other malware.
If your current antivirus allowed this malicious program on your computer, you may want to consider purchasing Malwarebytes Premium to protect against these types of threats in the future. If you are still having problems with your computer after completing these instructions, then please follow one of the steps:
Malwarebytes for Mac is an on-demand scanner that can destroy many types of malware that other software tends to miss without costing you absolutely anything. When it comes to cleaning up an infected device, Malwarebytes has always been free, and we recommend it as an essential tool in the fight against malware.
Download Malwarebytes for Mac.
You can download Malwarebytes for Mac by clicking the link below.
When Malwarebytes has finished downloading, double-click on the setup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.
Follow the on-screen prompts to install Malwarebytes.
When the Malwarebytes installation begins, you will see the Malwarebytes for Mac Installer which will guide you through the installation process. Click “Continue“, then keep following the prompts to continue with the installation process.
When your Malwarebytes installation completes, the program opens to the Welcome to Malwarebytes screen. Click the “Get started” button.
Select “Personal Computer” or “Work Computer”.
The Malwarebytes Welcome screen will first ask you what type of computer are you installing this program, click either Personal Computer or Work Computer.
Click on “Scan”.
To scan your computer with Malwarebytes, click on the “Scan” button. Malwarebytes for Mac will automatically update the antivirus database and start scanning your computer for malware.
Wait for the Malwarebytes scan to complete.
Malwarebytes will scan your computer for adware, browser hijackers, and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Quarantine”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malware that Malwarebytes has found, click on the “Quarantine” button.
Restart computer.
Malwarebytes will now remove all the malicious files that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.
After scanning, delete any detected threats. Your Mac should now be free from adware, unwanted extensions, and other potentially harmful software.
If your current antivirus allowed a malicious program on your computer, you might want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future. If you are still experiencing problems while trying to remove a malicious program from your computer, please ask for help in our Mac Malware Removal Help & Support forum.
Run a Malware Scan with Malwarebytes for Android
Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.
Download Malwarebytes for Android.
You can download Malwarebytes for Android by clicking the link below.
In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.
When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
Follow the on-screen prompts to complete the setup process
When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options. This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue. Tap on “Got it” to proceed to the next step. Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue. Tap on “Allow” to permit Malwarebytes to access the files on your phone.
Update database and run a scan with Malwarebytes for Android
You will now be prompted to update the Malwarebytes database and run a full system scan.
Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Remove Selected”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
Restart your phone.
Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.
When the scan is finished, remove all detected threats. Your Android phone should now be free of malicious apps, adware, and unwanted browser redirects.
If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future. If you are still having problems with your phone after completing these instructions, then please follow one of the steps:
Restore your phone to factory settings by going to Settings > General management > Reset > Factory data reset.
After cleaning your device, it’s important to protect it from future infections and annoying pop-ups. We recommend installing an ad blocker such as AdGuard. AdGuard blocks malicious ads, prevents phishing attempts, and stops dangerous redirects, helping you stay safe while browsing online.
The Bottom Line
The “Unauthorized Apple ID Activity” text is not a real Apple security alert, it is a pressure script meant to get you on the phone. The $143.95 charge and the Apple Pay setup language are stage props. The real objective is access, and access is how scammers steal money, gift card codes, and personal information.
If you received one of these texts, the safest move is simple: do not call the number. Go straight to your Apple ID settings, check your accounts calmly, and contact your bank or Apple through official channels you look up yourself.
If you already engaged, it is still fixable. Cut contact, secure your Apple ID and email, involve your bank, remove any remote access tools, and scan your devices with reputable security software like Malwarebytes. Add an extra layer of protection like AdGuard to reduce exposure to malicious ads and scam pages going forward.
This scam is convincing because it borrows the look of legitimacy. Your best defense is refusing to play along with the script, and taking control back on your terms.
FAQ
What is the “Unauthorized Apple ID Activity” scam text?
It’s a fake security alert sent by scammers pretending to be Apple. The message claims suspicious Apple ID activity, often shows a charge like $143.95, and pressures you to call a phone number. The goal is to pull you into a fake tech support call where they try to steal money or personal information.
Is the $143.95 Apple Store (CA) charge real?
In most cases, no. The amount is usually a made-up detail designed to trigger panic and urgency. Even if you do have a real Apple charge on your account, you should verify it by checking your purchase history and your bank or card statement directly, not by calling a number from a text.
Because it makes the message feel legitimate. Scammers often mix real links with scam phone numbers to lower your guard. A real Apple link does not make the text authentic.
What happens if I call the phone number in the text?
You reach a fake support center. They typically claim your Apple ID is compromised or your device is infected. Then they pressure you to take actions that benefit them, such as installing remote access software (AnyDesk or similar), sharing verification codes, logging into accounts while they watch, or sending money.
Will Apple ever tell me to call a phone number from a text to fix account security?
No. Apple does not handle account security through unsolicited SMS messages that push you to call a number “immediately.” If you need support, you should use official Apple channels you look up yourself.
Why do scammers ask to install AnyDesk or remote access apps?
Remote access lets them see your screen and guide you into doing things that expose sensitive information. They may try to capture bank logins, read one-time codes, change settings, or manipulate you into sending money. Legitimate Apple support does not require you to install random remote access software from a text message.
What are the biggest red flags that prove the message is a scam?
Watch for these warning signs:
A demand to call a phone number right away
Urgent language like “immediately” or “security advisory”
Claims about Apple Pay setup attempts you did not initiate
Requests to install AnyDesk, TeamViewer, or similar apps
Pressure to stay on the phone while you log into accounts
Any request for gift cards or gift card codes
What should I do if I received the text but did not call?
Treat it as spam and move on. Then do a quick, calm verification:
Check your Apple ID account security and trusted devices
Review your Apple purchase history
Check your bank or card transactions Do not call the number and do not reply to the text.
What if I called but did not install anything or send money?
Still assume the scammers collected something useful, even if it was just your name, number, or email. You should:
Change your Apple ID password
Enable or confirm two-factor authentication
Review trusted devices and remove anything unfamiliar
Watch your bank and Apple account activity closely for the next few weeks
What if I installed AnyDesk or gave the scammer access to my device?
Act immediately:
Disconnect from the internet if you’re unsure what they changed
Uninstall AnyDesk or any remote access tool
Change passwords for your Apple ID and your email first
Then change banking and other important passwords
Contact your bank’s fraud department and explain what happened
Why do scammers ask for gift cards?
Gift cards are fast, hard to reverse, and easy to resell. No legitimate company uses gift cards for security, verification, or refunds. If anyone claims you must pay with gift cards, it’s a scam.
Can I get my money back if I sent gift card codes?
Sometimes, but it depends on how quickly you act. Contact the gift card issuer immediately, keep receipts, and report the codes as stolen. If the cards were already redeemed, recovery is often difficult, but you should still report it and document everything.
Should I run antivirus or malware scans after this scam?
Yes, especially if you installed anything or followed steps on a computer. Use reputable security tools:
Malwarebytes to scan for malware and unwanted programs
AdGuard to help block malicious ads, scam sites, and redirect traps that often lead to these attacks
How do I report these Apple ID scam texts?
You can:
Mark the message as spam or junk in your messaging app
Forward suspicious messages to Apple’s phishing reporting address if you want to report them
Report the phone number to your carrier or local consumer protection channels, especially if you lost money
How can I verify a real Apple security issue safely?
Use methods you initiate yourself:
Go to your Apple ID settings on your device
Check account security and trusted devices
Review purchase history and subscriptions
Contact Apple Support through official sources you search for directly, not a number from a text message
Thomas is an expert at uncovering scams and providing in-depth reporting on cyber threats and online fraud. As an editor, he is dedicated to keeping readers informed on the latest developments in cybersecurity and tech.
