How I Was Almost Scammed for $12.99 (and What I learned)

Updated on
Reviewed

Editor, Writer, Founder

Herby has a healthy obsession with all things technology, especially smartphones. He loves to rip things apart to see how they work. He is responsible for the editorial direction, strategy, and growth of Gotechtor.

Learn about Gotechtor

Gotechtor.com is reader-supported. When you make a purchase through links on this page, we may earn a commission. See our ethics statement.

It’s no secret that online scams are on the rise. A record high of people is being victims every year. In fact, more than 16 million people were a victim of some kind of identity theft in 2017.

I got almost scammed, and here’s my story.

I was checking my email in the middle of the night when I stumbled upon a suspicious email from Apple. The email was about a transaction from the App Store with a payment receipt document attached to it.

Besides iCloud, I don’t have other subscriptions from Apple or any third-party apps. In my mind, an unauthorized person might have access to my Apple ID.

The email didn’t look quite right, but my fear to lose control of my Apple ID quickly wiped over that worry. I panicked, my heart was racing, and I ultimately opened the payment receipt.

Phishing Email

To my grand surprise, here’s what I found.

A phishing apple payment receipt
Screenshot of the receipt from the scammer. Herby Jasmin/Gotechtor

Take a few seconds to scan through the screenshot. Take a good look at this receipt. Does it look like a receipt from Apple itself? Does it seem legit to you?

From top to bottom, this receipt screams scam. You don’t have to be too savvy or an IT professional to identify a scam email.

To make it easier, here’s a real receipt from Apple. You can see the difference instantly.

A legit receipt from Apple
Screenshot of the receipt from Apple. Herby Jasmin/Gotechtor

Almost Got Scammed

But I almost fell prey to this scam because I believed they hacked my Apple ID. All I wanted is to regain control of my Account and cancel that transaction.

Without thinking twice, I clicked on the link embedded in the body of the receipt that says: To Cancel Your purchase within 48 hours of receiving this Invoice, Go to Cancel and Manage Subscriptions.

And it took me to Apple’s official website, where I can manage my Apple ID.

As soon as I entered my Apple ID, it took me to another page with a warning saying: This Apple ID has been locked, with options to unlock the account. I really started to freak out at this point – seriously.

Apple ID locked warning message

But I kept going. Because, in my mind, it was Apple helping me to unlock my hacked Apple ID. I wanted to regain access and lock the scammer out as quickly as possible.

That fear prevented me from making any rational decisions at that moment. And I continued with my dangerous adventure, without thinking again, I pressed Unlock Account, which took me to another page. But that time requesting all kinds of personal information.

Okay fine, Apple would need my personal information to verify my identity. So, no big deal here.

almost scammed

Phishing Email Red Flags

The first red flag I finally recognized was the Social Security Number. It was at that particular moment I realized it was a scam. There’s no way on earth Apple would ask me for my SSN to verify my account.

Now that I got my first red flag, I started getting more clues and little details that reassured me it was a scam, a poorly executed one. But man, they almost got me.

These are the red flags that made me beyond suspicious:

  1. The URL: manages-orderapp.dynv6.net. A URL from Apple’s official website would definitely not look like this. It doesn’t even include “apple” in it. Some scammers would add the word apple somewhere in the URL to make it look more legitimate.
  1. When I clicked on the Apple logo in the middle it took me to the same page. It should’ve taken me to Apple’s official homepage, which was not the case. For example, nothing happened when I clicked on the Menu and Shopping cart icons in the upper left and right corner, respectively. These are fake icons, I couldn’t even click them.
  1. Take a closer look at the verification form, and you’ll notice that Social Security Number is in all caps, which doesn’t follow the form format. To give you context Personal Information is not in all caps. The text inside the box, which is shorter than the other boxes, is all lower caps – again doesn’t follow the format.
  1. Take a look at both pictures right above, specifically the Email sender and the subject line. For Christ’s sake, what’s that email: receiptmailappstore309@bhauytamail…? And, by the way, did you spot that grammatical error in Thanks written Thank’s.
  1. The “To” field got two email addresses: Noreply and 1 more. When I clicked them, now it’s just one email address: noreply@deviceapple.com, which happened to be none of my email addresses. But how is that email sitting in my inbox? Weird! That’s a sign that the email didn’t actually come from Apple.
almost scammed
  1. Here’s another error “we`ve disable” and that’s not even an apostrophe. That was a poorly written phishing email. English is definitely not the scammer’s first language. That person only got one job to do, to scam me. But here we are.
Phishing email

What You Can Learn from My Mistake

Scammers have been trying to exploit Apple users to gain access to their accounts. My case is a typical example. I’d have compromised my online privacy and security if I had given away my personal information including my SSN.

I’ve never felt so vulnerable or embarrassed about not realizing that I’d been fooled until it was nearly too late.

Here’s what to do when you receive a phishing email:

Phishing emails try to scare you with warnings about stolen information – they can send you a normal email with fraudulent activities from your account like purchases, which was my case.

Whatever the case is, they’ll always offer help. Sometimes easy help like a click and that’s how you’ll become a victim.

  1. Stay calm. Don’t freak out, no matter what the email says. Chances are you’ll make a mistake that you’ll regret forever.
  2. Don’t open attachments or click on links in emails. Open a new browser and go to the company’s website, sign in there. If something is really wrong you’ll know. They’ll notify you.
  3. Use common sense. But if you freak out there’s no way you’ll be able to analyze, use common sense and make rational decisions. That’s why rule #1 is critical. Always stay calm.

Conclusion

In my case, I wasn’t calm at all. I freaked out thinking someone has access to my Apple ID and started to click like crazy.

I was lucky enough that they were not after my Apple ID but rather my Social Security Number. As soon as I entered my Apple ID, I was told my account was locked, then they took me to another page requesting my personal info.

If you live in the U.S and receive a phishing email about your Apple ID, file a report by forwarding it to the Federal Trade Commission (FTC). But due to the government shutdown, they’re not receiving any more reports at the moment.

Once the government is funded the site should be back up and working fine. Make sure to secure your Apple ID with two-factor authentication.

Have you ever been scammed? Were you in situations where you almost got scammed? Share your story with us.

If this article was helpful, then please share and/or recommend it to your friends so they can benefit from it too.

Editor, Writer, Founder

Herby has a healthy obsession with all things technology, especially smartphones. He loves to rip things apart to see how they work. He is responsible for the editorial direction, strategy, and growth of Gotechtor.

Herby Jasmin

's latest stories

Leave a Comment

Welcome to our community. We invite you to join our discussion. Please read and understand Gotechtor's community guidelines before participating. So be respectful and constructive and keep on topic.