Watch out for a new and very clever Apple Pay phishing scam

A new phishing scam is doing the rounds by exploiting something lots of iPhone owners use daily: Apple Pay – and the panic that comes with a “fraud alert” you can’t ignore.

As first reported by AppleInsider, it typically starts with an email (and sometimes a text) that looks like it’s from Apple, complete with familiar logos and formatting. The message claims a high-value Apple Pay transaction has been blocked due to suspicious activity, and warns that unless you act quickly, the payment may still go through. The goal is simple: get you worried enough to follow the instructions instead of pausing to verify what’s happening.

The hook is a phone number. You’re told to call “Apple Support” to secure your account, cancel the transaction, or remove an unknown device. But that number doesn’t go to Apple – it goes straight to the scammers, who then talk you through a fake support flow designed to extract your Apple Account details, verification codes, and potentially payment information.

This one catches people because the presentation is polished, and it’s built around a believable situation: nobody wants to lose hundreds of dollars to a rogue Apple Pay purchase. But there are a couple of tells. Apple Pay-related activity is normally surfaced in the Wallet app (or via legitimate purchase receipts), not via a random “act now or we’ll approve it” email. And Apple isn’t going to outsource account security to an urgent phone call initiated from a message you received out of the blue.

The safest response is to treat any unexpected Apple Pay “fraud” message as unverified. Don’t call the number, don’t click the links, and don’t share verification codes with anyone on the phone. Instead, open Wallet (and your card issuer’s app, if relevant) to check recent transactions, then contact Apple through official channels such as the Support app or Apple’s website. If you receive a suspicious email or message that claims to be from Apple, forward it to reportphishing@apple.com so Apple can investigate.