Identifying Phishing Scams in text messages

I received the phishing scam also just different amount.

Delete and block. Blocking is the key

There is nothing personal in the original post. Those numbers are from the scammer not mine.

I have gotten this text message 2 days in a row about the $143.95 charge. It only shows on my Apple Watch, not my iPhone.

phishing That's not an Apple telephone number.

Fraudsters are getting very good at imitating Apple messages and sometimes the only indication in an email is very subtle. Have a look at this thread. https://discussions.apple.com/thread/255639814 It can be very hard to tell from an email alone if it is authentic. The best way to check is to use an independent way through Apple's own resources to confirm what the communication claims. Scams (e-mail, text messages, and phone calls) are getting very good at closely imitating true Apple communications. Always be cautious. These support articles have some guidelines:

About identifying legitimate emails from the App Store and iTunes Store --> Identify legitimate emails from the App Store or iTunes Store - Apple Support

Recognize and avoid social engineering schemes including phishing messages, phony support calls, and other scams - Recognize and avoid social engineering schemes including phishing messages, phony support calls, and other scams - Apple Support

Avoid scams when you use Apple Cash --> Avoid scams when you use Apple Cash - Apple Support

About Gift Card Scams --> About Gift Card Scams - Official Apple Support

If you are uncertain about a message and a resource provided in that message, do not click on any links in the message. Try to use an Apple resource you know is valid to independently verify what the message is claiming. Go to a support article page on apple.com and use the instructions in the article to verify though Apple itself, or use an Apple device feature such as Settings or an Apple app. To ask Apple start at this web page: Official Apple Support

- Apple e-mails address you by your real name, not something like "Dear Customer", "Dear Client", or an e-mail address* However, having your actual name is not proof this isn’t phishing. Compromised databases may have your name and address in them.

- Apple e-mails originate from @apple.com or @itunes.com but it is possible to spoof a sender address. "Apple email related to your Apple ID account always comes from appleid@id.apple.com." - About your Apple ID email addresses - Apple Support

- Set your email to display Show Headers or Show Original to view Received From. Apple emails originate from IP addresses starting with "17.".

- Mouse-over links to see if they direct to real Apple web sites. Do not click on them as this just tells the spammer they have a working e-mail address in their database. If you are unsure, contact Apple using a link from the Apple.com web site, not one in an email.

- Phishing emails may include account suspension or similar threats in order to panic you into clicking on a link without thinking. They may report a fake purchase in order to infuriate you into rashly clicking on a false link to report a problem. March 2018 post by Niel There was a fraudulent order on my apple … - Apple Community - "Emails saying that your Apple ID has been locked or disabled are always phishing. If one actually gets disabled, its owner will be told when they try logging into it instead of through email."

- Apple will not ask for personal information in an e-mail and never for a social security number.

- Scams may have bad grammar or spelling mistakes.

- Apple will not phone you unless it is in response to a request from you to have them call you.

* Exception: I got email saying my ID is expired! Does… - Apple Community

Forward email attempts as an attachment (in MacOS Mail use the paperclip icon) to: reportphishing@apple.com then delete it.

If this is with regard to a supposed purchase, this Apple article has relevant information and web links for checking if you really have made a purchase or paid for a subscription: If you see ‘itunes.com/bill‘ or an unfamiliar charge on your bank, credit card, or debit statement - Purchases made under Family Sharing might be charged to the organizer's card but will not appear under the organizer's purchase history or subscriptions. Ask family members about those or check your receipts. --> If you see 'apple.com/bill' on your billing statement - Apple Support Apple will email a receipt to the Family Organizer if a purchase is made on a card held by the Family Organizer. This will have the Apple ID of the purchaser, which you should recognize, but won't have specific about what was purchased.

THANKS FOR POSTING THIS! I just got it too — assumed it was a scam — never had received anything like that before from Apple. But was immediately confirmed for me when I googled about the scam, and you'd put "$143.95" in your post, which is the same amount they had in my scam text. Another way the scammers try to get you: it says, "Failing [to call the number] may lead to auto debit and charge will not be reversed" So I went straight to all my payment accounts and there were no flags, no charges...then googled the number to see if it was legit — none of the prefixes matched the normal support numbers for Apple. I didn't click any of the links within the text, but typed the apple support url they had, separately into my browser, and that was the correct url, so we know clicking their link within the text would've given them what they wanted — remember, just because it says a legitimate url DOES NOT MEAN it links to a legitimate url, so NEVER click a live link within a suspicious text. Conclusion: sneaky, perhaps getting more subtle and clever, but just another scam, successfully dodged. I hit "delete/report" junk. And will now go update passwords next.

Me Too - first checked my apply card and no charges on it - then logged into my apple account to check charge history - the give away was the from phone number was from the Philippines (+64) - but the website in the test was legit - never called the provided phone number because that would give them a legit calling number for me - boy they are getting good

I looked up the number that was left for me to call back – 855–775–****–support.apple.com/billing in the amount one 143.95. I turned off my phone setting to not show my Caller ID and when I called that number it rang about 10 times and then a male answered with “Apple Support” and the line was very noisy. I just said sorry I called the wrong number and hung up so I never did click on the link or anything because I have become super suspicious of emails like this.

[Edited by Moderator]

I keep getting these messages:

“Critical Alert: Spam taking over your phone? Your iPhone is under attack. Resolve it here: 901b43k.irilemo.info”. I have reported it at least a hundred times! What do I do to get rid of them? Please help me!

Millions of people get it; these scams are a major business, bringing in $billions to the perpetrators. Here’s an article about it→https://krebsonsecurity.com/2025/01/a-day-in-the-life-of-a-prolific-voice-phishing-crew/

TiredOfDishonestApple wrote:

This is the text message I received yesterday from 1-8******6:

Your Apple ID was used to make a $155.90 purchase at the Apple Store via Apple Pay . If you didn't authorize this, call Apple Support at  (88******43

Oh, wow, I think you get the daily prize for posting the highest bogus "bill" from this particular phishing spam campaign. 🤪😉

This is one of many common scams.

Here are some few of the many scams: Recognize and avoid social engineering schemes including phishing ...

The "pervert" sextortion spam scam is another and recently popular scam — no, they don't have the videos and images they claim to have — and that scam is discussed around here, and elsewhere on the 'net.

I just got the same text from a strange email address: When I called the 802 number, the guy on the phone said the 143.95 charge was going to a dark website — basically causing panic. He then told me to download the Connectwise Control app — that has a really poor user rating and he would walk me through the steps on how to remove hen hacks. Regardless I’m letting my credit union know to be on the look pit for any charges out of state. I didn’t give the guy a lot of information.

MaxMom322 wrote:

I just got the same text from a strange email address: When I called the 802 number, the guy on the phone said the 143.95 charge was going to a dark website — basically causing panic. He then told me to download the Connectwise Control app — that has a really poor user rating and he would walk me through the steps on how to remove hen hacks. Regardless I’m letting my credit union know to be on the look pit for any charges out of state. I didn’t give the guy a lot of information.

If you provided remote access into it, the contents of your Mac were probably pillaged. There's not a whole lot you can do about un-pillaging whatever was done there, other than restoring a backup from prior to the access, and changing all of your passwords, including your email server passwords, and your Apple Account passwords.

Without intending offense, you need to work on your skepticism, too.

"DARK WEB", "HACKER", "VIRUS", anything you're reading that includes any of those words is best assumed to be a fraud, a scam, or entertainment, until proven otherwise.

I too just received this text on 1/15/25:

Your Apple ID was used to make a $155.90 purchase at the Apple Store via Apple Pay . If you didn't authorize this, call Apple Support at +1 (8*8) **9 ***2

Upon copying & pasting the text here and noticing the typo of the space after Pay before the period tells me everything I need to know that this is a bs scam.

[Edited by Moderator]

iHolly43 wrote:

I too just received this text on 1/15/25:

Your Apple ID was used to make a $155.90 purchase at the Apple Store via Apple Pay . If you didn't authorize this, call Apple Support at +1 (8*8) **9 ***2

Upon copying & pasting the text here and noticing the typo of the space after Pay before the period tells me everything I need to know that this is a bs scam.

[Edited by Moderator]

Yeah, there’s the “pervert” and other sextortion scams, the “(3) viruses detected!” scams, the so-called “pig butchering” and other romance scams, your “arrested” relative needs help making bail, incessant barrages of two factor code account take-over scams, endemic counterfeit devices on offer, and all sorts of bogus bills.

Reddit has an endless supply of example scams: https://reddit.com/r/scams

Welcome to 2025.

PS: Apple recently renamed Apple ID to Apple Account, so there’ll be a brief fleeting moment when the Apple scams are really easy to pick out. Until the scammers catch up with the new name.