User profile for user: Christina146
Christina146 Author
User level: Level 1
8 points

Unauthorized charge

I received a charge for an app I didnt purchase. What should I do?

iPhone 8 Plus, iOS 13

Posted on Sep 23, 2020 06:35 PM

Reply
Question marked as Top-ranking reply
User profile for user: MrHoffman
MrHoffman
Community+ 2025
User level: Level 10
141,199 points

Posted on Sep 23, 2020 06:41 PM

Have you confirmed that the charge actually occurred, or are you basing this on an email message?

Phishing is very common, and fake purchases are routinely used as the “hook” for the phishing.

Recognize and avoid phishing messages, phony support calls, and other scams - Apple Support

Identify legitimate emails from the App Store or iTunes Store - Apple Support

See your purchase history for the App Store or iTunes Store - Apple Support

If there really was a purchase, your Apple ID password is known to others.

(Or your settings allowed someone with local access to your device to make the purchase.)

If you think your Apple ID has been compromised - Apple Support

View in context

Similar questions

3 replies
Question marked as Top-ranking reply
User profile for user: MrHoffman
MrHoffman
Community+ 2025
User level: Level 10
141,199 points

Sep 23, 2020 06:41 PM in response to Christina146

Have you confirmed that the charge actually occurred, or are you basing this on an email message?

Phishing is very common, and fake purchases are routinely used as the “hook” for the phishing.

Recognize and avoid phishing messages, phony support calls, and other scams - Apple Support

Identify legitimate emails from the App Store or iTunes Store - Apple Support

See your purchase history for the App Store or iTunes Store - Apple Support

If there really was a purchase, your Apple ID password is known to others.

(Or your settings allowed someone with local access to your device to make the purchase.)

If you think your Apple ID has been compromised - Apple Support

Reply
User profile for user: MrHoffman
MrHoffman
Community+ 2025
User level: Level 10
141,199 points

Sep 25, 2020 08:33 AM in response to Christina146

Sending email addresses and calling telephone numbers are both routinely spoofed/faked/forged, too.


If you’ve re-used passwords anywhere and that service or social media site or mail service (Yahoo, for instance) was then breached, your passwords will be retried. This as many web services used rotten password hashes, or (wrongly) stored the passwords as encrypted, or (wrongly) stored the passwords as plain, unencrypted, unhashed, readable, text. Unique passwords avoid folks using those old passwords against all the other services in existence; what’s called password cramming.


Those same breached-service dumps also show email addresses, which means malcontents then know to send Apple-flavored scams and phishing to Apple-related email addresses.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Unauthorized charge

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up