Apple Pay Phishing Attack Aims to Steal Your Payment

This Apple Pay phishing attack’s primary goal is to steal login codes and payment data. Threat actors exploit the trust users place in the Apple brand, enabling them to bypass security measures and seize control.

The impact of this scam is significant and dangerous. If successful, attackers gain full access to the victim’s Apple account, including stored photos, data, and linked credit cards.

The convincing nature of the fake invoices, such as a receipt for a 2025 MacBook Air, makes it a highly potent threat to consumers.

The Mechanics of the Fake Support Call

When a victim dials the provided support number, an agent introduces themselves as part of Apple’s fraud department.

The conversation is carefully scripted to build trust, starting with harmless checks like the last four digits of a phone number.

The agent explains that the system “partially blocked” a transaction and needs verification to fully secure the account.

This is the critical trap: the scammer asks for the Apple ID two-factor authentication code. Unbeknownst to the victim, the criminal is logging into the account in real-time.

The agent might even claim that criminals are currently in a physical store attempting to use the card, adding pressure.

To stay safe, users should remember that Apple does not schedule fraud appointments via email or demand callbacks.

Always closely inspect the sender’s address, as these emails do not originate from official Apple domains. Never share two-factor authentication codes or passwords with anyone, even if they claim to be support staff.

If you suspect an issue, change your Apple ID password immediately, sign out of all active sessions, and monitor your bank statements for irregular activity closely for the next few weeks.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.