img HowTosOSX

Apple music membership email scam - how to stop in 2016

Be updated on the Apple music membership email scam campaign, learn how to recognize this phishing, and get recommendations on how to stay on the safe side.

An increasing number of reports about fake music individual membership scam are making the rounds in the Apple customer circles. Cybercrooks have been sending emails with rogue order receipts to people who never actually purchased any such subscription. The significant amount of money allegedly paid for the service, though, makes users want to learn more, cancel the bizarre deal and file a refund request. By clicking on the “Cancel / Manage Applications” link in the phishing email, people run the risk of exposing their sensitive information to the fraudsters. The landing page that the targeted users end up on asks for their Apple account details, including Apple ID and password, and then provides more fields to fill out with credit card information, first and last name, as well as their address.

Fake Apple music subscription invoice sent over email

Similarly to earlier hoaxes, such as the already notorious iTunes email scam, the perpetrators’ main objective is to dupe Mac OS X and iOS users into providing their PID (personally identifiable data). If a victim happens to fall for it and does submit the requested details on the bogus login page and adjacent screens, the ill-minded social engineers will get hold of sufficient info to compromise their identity. The Apple account login credentials can be further used to change the password, lock the person’s device remotely and extort a ransom for unlocking. Furthermore, by using one’s credit card information and other confidential data obtained in the course of this phishing attack, the scammers shouldn’t find it difficult to make purchases online or even transfer money from the victim’s bank account to their own.

The first thing that should raise a red flag when a deceptive Apple music membership email appears in your inbox is the wrong Apple ID – it won’t match with your genuine login. Another thing to pay attention to is the incorrect device name that may be indicated as well. Also, keep in mind that Apple will never ask for account credentials over email. The rule of thumb in scenarios like this is to never click on the link that says “Click here for refund”, “iTunes Payment Cancellation Form”, “Cancel / Manage Subscriptions”, or “Cancel / Manage Applications”. These hyperlinks will redirect you to a counterfeit login screen that records everything you enter in it and thus makes your sensitive data available for the threat actors. In some cases, these links may facilitate drive-by downloads of malicious software. Be sure to follow these simple tips to stay on the safe side.


Check your Mac for Apple music membership scam related malware

1. Download and install MacKeeper application (read review). In addition to security features, this tool provides a vast arsenal of Mac optimization capabilities

Download MacKeeper

2. Get your Mac checked for malicious software by going to System Scan and starting the scan procedure

MacKeeper: Analysis

3. When the app comes up with a list of detected security issues, get those fixed by clicking the respective button.