Phishing email alert: Apple Pay impersonated in sophisticated attack

As cybercrime evolves, cybercriminals are developing new sophisticated attacks designed to infiltrate, interfere with and infect the computer systems of some of the world’s most trusted brands and companies.

Apple Pay is the latest victim, with legitimate-looking receipts purporting to be from the company hitting inboxes and successfully duping some unsuspecting customers. These phishing emails were designed to steal confidential personal and billing credentials, like the victim’s Apple ID and password, mobile phone numbers, credit card data and other valuable information.

Titled ‘ApplePay (Automatic Payment)’, the email uses a display name of ‘support@’, and the body of the text appears as an official copy of an Apple Pay receipt, informing recipients of an ‘integrated purchase’.

Within the email, several links lead to a copy of the Apple login page. The page first asks the user to enter their Apple ID email address and password, before victims are led to another page informing them their account is locked. Users who click on the ‘unlock your account’ link are led to another page purporting to be from Apple, requesting their billing details.

Another page then follows, requesting ‘additional information’ from users, including their credit card information. During the final step, recipients are asked to enter a one-time authorisation code sent to their mobile numbers. Having undergone all the above steps, users are informed their account is ‘verified’ and they are redirected to the legitimate Apple login page.

MailGuard has determined that this email actually comes from one of two compromised accounts and understands the domain used to host the fake Apple site was registered in the past 24 hours for the purpose of the scam.

The inclusion of Apple Pay’s logo and branding, along with the presence of a seemingly secure and ‘official’ multiple-step procedure to verify accounts, are tools adopted to boost the authenticity of the email. Having convinced recipients that the email is from Apple Pay, cybercriminals exploit the trusted reputation of the brand to trick the company’s large customer base into divulging their confidential data.

What is ‘phishing?’

Phishing is the practice of tricking email recipients into revealing personal information that criminals can exploit for gain. Targeting a wide group of random people, the attackers know that not everyone will respond, but they know that if they send enough emails out somebody will probably take the bait.

A phishing attack message will typically include a link that will send the unwary victim to a fake login website. Once there, the user will be asked to enter username and password data which will be automatically captured by the phishing page. Scammers use phishing pages to collect login credentials for email accounts, bank accounts, and a wide range of other online services.

Commenting on the scam, Craig McDonald, CEO & Founder of MailGuard, an Australian cybersecurity firm said: “This is a very cleverly executed scam. Not only does it mimic a major household brand like Apple, that nearly everyone online has a relationship with, but the mechanics it employs to extract sensitive data and credentials are also executed seamlessly.”

“Starting with a simple email receipt, the email entices curious recipients to click through to authentic-looking landing pages that trick users into handing over contact details, birth dates, mobile phone numbers and credit card info – all extremely useful to perpetrate identity fraud, or for re-sale on the dark web.”

“Anyone that receives an Apple email should be extremely vigilant and check its authenticity before providing any confidential information online.”

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

emails

How can businesses combat easy email mistakes?

It’s no secret that threats to email security are on the rise. According to a recent survey, 92% of organisations were victims of…
Phish

State of the Phish 2023

Following the release of Proofpoint’s 2023 ‘State of the Phish’ report today, cybersecurity experts Rick Jones, CEO and Co-Founder…

Group-IB uncovers wide-scale phishing campaign

Group-IB has published its research into a wide-scale phishing scheme that sees scammers impersonate one of the manpower agencies
phishing

A third of suspicious emails reported by employees are phishing

33% of emails employees report as phishing are either malicious or highly suspect, according to new research. The finding comes from an

Phishing email alert: Apple Pay impersonated in sophisticated attack

As cybercrime evolves, cybercriminals are developing new sophisticated attacks designed to infiltrate, interfere with and infect the computer systems of some of the world’s most trusted brands and companies.
Scroll to Top