A new and dangerously convincing phishing campaign targeting Apple Pay users is sweeping the internet, luring victims with seemingly legitimate fraud alerts and then tricking them into giving away sensitive account credentials, two-factor authentication (2FA) codes, and payment information.
Experts warn that this scam is one of the more sophisticated phishing campaigns seen in recent months because it combines genuine-looking emails with scripted fake support interactions designed to exploit natural user trust in Apple’s brand and customer support processes.
How the Scam Begins
According to security analysts, the attack starts with an email that looks convincingly authentic: Apple's logo, professional formatting, a case ID, time stamps, and urgent language claiming suspicious activity on the user's Apple Pay account. In some cases the message claims that a high-value transaction was flagged and "blocked," and that an appointment has already been booked for the user to resolve the issue.
The email urges the recipient to call a listed phone number immediately. Unlike most phishing emails, which rely on links to fake websites, this one carries no link at all; it pushes the victim into a phony phone-based support flow. That choice is deliberate: with no URL to scan or hover over, link-based mail filters and the "check the link before you click" habit give no warning.
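The email-side signals described above (a non-Apple sender domain, missing authenticated alignment with Apple, a case ID, urgency wording, and a "call this number" lure instead of a link) can be turned into a simple triage rule. The following is an added example written for this page, not code from the article or from Apple; the two sample messages are constructed, and the trusted-domain list and indicator weights are assumptions for illustration rather than Apple's own policy.

```python
"""Heuristic triage of a suspected 'call us now' Apple Pay phishing email.

Added example, not part of the original article. The sample messages are
constructed; TRUSTED_DOMAINS and the verdict threshold are assumptions.
"""
import re
from email import message_from_string
from email.message import Message

# Domains a genuine Apple notice would be expected to come from (assumption).
TRUSTED_DOMAINS = {"apple.com", "email.apple.com", "id.apple.com"}

PHONE_RE = re.compile(r"\(?\b\d{3}\)?[-.\s]?\d{3}[-.\s]?\d{4}\b")
URGENCY_RE = re.compile(r"\b(immediately|within 24 hours|urgent|blocked|suspended)\b", re.I)
CASE_ID_RE = re.compile(r"\b(case|ticket|reference)\s*(id|#|no\.?)?\s*[:#]?\s*[A-Z0-9-]{6,}\b", re.I)


def _domain(addr: str) -> str:
    """Lower-cased domain part of an address header, or '' if absent."""
    m = re.search(r"@([\w.-]+)", addr or "")
    return m.group(1).lower() if m else ""


def _auth_results(msg: Message) -> dict:
    """Pull spf/dkim verdicts and the DKIM signing domain from Authentication-Results."""
    out = {"spf": "none", "dkim": "none", "dkim_domain": ""}
    for hdr in msg.get_all("Authentication-Results", []):
        for m in re.finditer(r"\b(spf|dkim)=(\w+)", hdr):
            out[m.group(1)] = m.group(2).lower()
        m = re.search(r"header\.d=([\w.-]+)", hdr)
        if m:
            out["dkim_domain"] = m.group(1).lower()
    return out


def _body_text(msg: Message) -> str:
    """Concatenate the text/plain parts of the message."""
    if msg.is_multipart():
        parts = [p.get_payload(decode=True) or b""
                 for p in msg.walk() if p.get_content_type() == "text/plain"]
        return "\n".join(p.decode("utf-8", "replace") for p in parts)
    return (msg.get_payload(decode=True) or b"").decode("utf-8", "replace")


def triage(raw: str) -> dict:
    """Return {'verdict': 'suspicious'|'ok', 'indicators': [...]} for a raw RFC 822 message."""
    msg = message_from_string(raw)
    indicators = []
    from_domain = _domain(msg.get("From", ""))
    auth = _auth_results(msg)
    if from_domain not in TRUSTED_DOMAINS:
        indicators.append(f"from-domain {from_domain!r} is not an expected Apple domain")
    if auth["dkim"] != "pass" or auth["dkim_domain"] not in TRUSTED_DOMAINS:
        indicators.append("no DKIM pass aligned with an Apple domain")
    reply_to = _domain(msg.get("Reply-To", ""))
    if reply_to and reply_to != from_domain:
        indicators.append(f"Reply-To domain {reply_to!r} differs from From domain")
    text = (msg.get("Subject", "") or "") + "\n" + _body_text(msg)
    # Callback lure: a phone number with 'call'/'dial'/'phone' shortly before it.
    for m in PHONE_RE.finditer(text):
        window = text[max(0, m.start() - 80):m.start()]
        if re.search(r"\b(call|dial|phone)\b", window, re.I):
            indicators.append(f"callback lure: {m.group(0)!r}")
            break
    if URGENCY_RE.search(text):
        indicators.append("urgency wording present")
    if CASE_ID_RE.search(text):
        indicators.append("case/ticket ID used to look official")
    # Two or more independent signals is enough to route for manual review (assumed threshold).
    return {"verdict": "suspicious" if len(indicators) >= 2 else "ok", "indicators": indicators}


# Constructed sample resembling the lure the article describes.
PHISHING_SAMPLE = """\
From: Apple Support <billing@apple-pay-alerts.example>
To: victim@example.net
Subject: Suspicious Apple Pay transaction blocked - Case ID AP-4471902
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=apple-pay-alerts.example; dkim=none
Content-Type: text/plain; charset=utf-8

A payment of $1,249.00 to an online merchant was flagged and blocked.
An appointment has been booked for you. Call our Billing & Fraud Prevention
team immediately at 1-800-555-0142 to secure your account.
"""

# Constructed sample of an ordinary, authenticated Apple notice.
LEGIT_SAMPLE = """\
From: Apple <noreply@email.apple.com>
To: user@example.net
Subject: Your receipt from Apple
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=email.apple.com; dkim=pass header.d=email.apple.com
Content-Type: text/plain; charset=utf-8

Thank you for your purchase. You can review this receipt at any time in
Settings on your device or at account.apple.com.
"""

if __name__ == "__main__":
    for label, sample in (("phishing", PHISHING_SAMPLE), ("legit", LEGIT_SAMPLE)):
        print(label, triage(sample))
```

The authentication check matters more than the wording checks: a message whose DKIM signature does not verify for an Apple-controlled domain should be treated as untrusted regardless of how polished it looks, while the urgency and case-ID patterns are only supporting evidence, since genuine notices sometimes use them too.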
Fake Support Calls: The Core of the Scam
Once a user calls the number in the email, they are connected with someone posing as an Apple support agent — typically claiming to be from Apple’s Billing & Fraud Prevention team. These scammers use carefully scripted dialogue to build trust, starting with seemingly harmless personal questions about the target’s name and devices.
The scam reaches its critical phase when the fake agent asks the user to confirm their Apple ID and then read aloud the verification codes that arrive, usually by SMS, during the call. Those codes are genuine: while the victim is on the phone, the scammer is attempting to sign in to the account, and Apple sends the one-time code to the victim's trusted phone number exactly as designed. The only thing the attacker lacks is the code itself, and the victim supplies it. Because the code is relayed in real time, it is used before it expires, so two-factor authentication is defeated without any technical flaw, and the attacker takes control of the Apple account and the payment methods attached to it.
From there, the conversation is used to extract additional details about linked bank accounts or credit cards stored in Apple Wallet — all under the guise of “securing” the account and preventing fraud.
Why This Scam Works
Security experts point out two major factors that make this scam especially effective:
- Trust in Apple’s Brand: Apple’s reputation for tight security and customer support can make users less cautious when warned about account problems.
- Real Monetary Stakes: Unlike scams that offer fake prizes, this phishing scheme invokes real-money concern — fake fraud alerts about Apple Pay charges — which can prompt victims to act quickly and follow instructions without verifying legitimacy.
How to Protect Yourself
Recognizing the red flags is critical. Cybersecurity guidance emphasizes that:
- Apple will never send unsolicited emails requesting that you call a number to resolve billing issues or fraud.
- Legitimate companies do not ask for 2FA verification codes or passwords over the phone. A verification code that arrives while you are on a call with "support" is a sign that someone is signing in as you at that moment.
- Always verify suspicious alerts directly through the official Apple website, typed into the browser yourself, or the Apple Pay/Wallet app on your device, never through a number or link in the message.
If you believe you have fallen victim to this scam, change your Apple ID password immediately, but do it directly through the Apple ID settings on your device, not via any link or instructions in the suspicious email. While there, review the devices and trusted phone numbers signed in to the account and remove any you do not recognize, since an attacker who completed a sign-in may have added their own. Also monitor all linked bank accounts and cards for unusual activity, and notify your financial institution if necessary.
The Bigger Picture
This Apple Pay phishing attack is part of a broader trend of voice-based social engineering, often called vishing, in which attackers rely on live phone interactions rather than only emails or websites to harvest credentials and one-time codes. As such scams continue to proliferate across platforms, cybersecurity experts warn users to remain vigilant and to scrutinize any urgent-looking message claiming to come from a household technology brand.
