How I Was Almost Scammed for $12.99 (and What I learned)

It’s no secret that online scams are on the rise. A record high of people is being victims every year. In fact, more than 16 million people were a victim of some kind of identity theft in 2017.

I got almost scammed, and here’s my story.

I was checking my email in the middle of the night when I stumbled upon a suspicious email from Apple. The email was about a transaction from the App Store with a payment receipt document attached to it.

Besides iCloud, I don’t have other subscriptions from Apple or any third-party apps. In my mind, an unauthorized person might have access to my Apple ID.

The email didn’t look quite right, but my fear to lose control of my Apple ID quickly wiped over that worry. I panicked, my heart was racing, and I ultimately opened the payment receipt.

Phishing Email

To my grand surprise, here’s what I found.

Take a few seconds to scan through the screenshot. Take a good look at this receipt. Does it look like a receipt from Apple itself? Does it seem legit to you?

From top to bottom, this receipt screams scam. You don’t have to be too savvy or an IT professional to identify a scam email.

To make it easier, here’s a real receipt from Apple. You can see the difference instantly.

Without thinking twice, I clicked on the link embedded in the body of the receipt that says: To Cancel Your purchase within 48 hours of receiving this Invoice, Go to Cancel and Manage Subscriptions.

And it took me to Apple’s official website, where I can manage my Apple ID.

As soon as I entered my Apple ID, it took me to another page with a warning saying: This Apple ID has been locked, with options to unlock the account. I really started to freak out at this point – seriously.

But I kept going. Because, in my mind, it was Apple helping me to unlock my hacked Apple ID. I wanted to regain access and lock the scammer out as quickly as possible.

That fear prevented me from making any rational decisions at that moment. And I continued with my dangerous adventure, without thinking again, I pressed Unlock Account, which took me to another page. But that time requesting all kinds of personal information.

Okay fine, Apple would need my personal information to verify my identity. So, no big deal here.

Now that I got my first red flag, I started getting more clues and little details that reassured me it was a scam, a poorly executed one. But man, they almost got me.

These are the red flags that made me beyond suspicious:

1. The URL: manages-orderapp.dynv6.net. A URL from Apple’s official website would definitely not look like this. It doesn’t even include “apple” in it. Some scammers would add the word apple somewhere in the URL to make it look more legitimate.

2. When I clicked on the Apple logo in the middle it took me to the same page. It should’ve taken me to Apple’s official homepage, which was not the case. For example, nothing happened when I clicked on the Menu and Shopping cart icons in the upper left and right corner, respectively. These are fake icons, I couldn’t even click them.

3. Take a closer look at the verification form, and you’ll notice that Social Security Number is in all caps, which doesn’t follow the form format. To give you context Personal Information is not in all caps. The text inside the box, which is shorter than the other boxes, is all lower caps – again doesn’t follow the format.

4. Take a look at both pictures right above, specifically the Email sender and the subject line. For Christ’s sake, what’s that email: receiptmailappstore309@bhauytamail…? And, by the way, did you spot that grammatical error in Thanks written Thank’s.

5. The “To” field got two email addresses: Noreply and 1 more. When I clicked them, now it’s just one email address: noreply@deviceapple.com, which happened to be none of my email addresses. But how is that email sitting in my inbox? Weird! That’s a sign that the email didn’t actually come from Apple.

6. Here’s another error “we`ve disable” and that’s not even an apostrophe. That was a poorly written phishing email. English is definitely not the scammer’s first language. That person only got one job to do, to scam me. But here we are.

I’ve never felt so vulnerable or embarrassed about not realizing that I’d been fooled until it was nearly too late.

Here’s what to do when you receive a phishing email:

Phishing emails try to scare you with warnings about stolen information – they can send you a normal email with fraudulent activities from your account like purchases, which was my case.

Whatever the case is, they’ll always offer help. Sometimes easy help like a click and that’s how you’ll become a victim.

1. Stay calm. Don’t freak out, no matter what the email says. Chances are you’ll make a mistake that you’ll regret forever.
2. Don’t open attachments or click on links in emails. Open a new browser and go to the company’s website, sign in there. If something is really wrong you’ll know. They’ll notify you.
3. Use common sense. But if you freak out there’s no way you’ll be able to analyze, use common sense and make rational decisions. That’s why rule #1 is critical. Always stay calm.

I was lucky enough that they were not after my Apple ID but rather my Social Security Number. As soon as I entered my Apple ID, I was told my account was locked, then they took me to another page requesting my personal info.

If you live in the U.S and receive a phishing email about your Apple ID, file a report by forwarding it to the Federal Trade Commission (FTC). But due to the government shutdown, they’re not receiving any more reports at the moment.

Once the government is funded the site should be back up and working fine. Make sure to secure your Apple ID with two-factor authentication.

Have you ever been scammed? Were you in situations where you almost got scammed? Share your story with us.

If this article was helpful, then please share and/or recommend it to your friends so they can benefit from it too.