Today’s Scam of the day comes from a Scamicide reader who was emailed the receipt copied below.  It is a very well done phishing email that like many phishing emails tries to lure you into clicking on a link that will either download malware such as ransomware or keystroke logging malware on to your computer or alternatively convince you to provide personal information that will be used to make you a victim of identity theft.  In this particular case, you are sent a receipt from the App store for a video game that you have not ordered.  The receipt contains a link for you to click on if you dispute the charge.  As phishing scams go, this one is quite convincing, but there are some obvious indications that it is a scam.

TIPS

One of the first things to remember is that it is quite simple to counterfeit a corporate logo so the fact that the receipt contained the Apple logo is not an indication that the receipt is legitimate.  Some of the indications that the receipt is a phishing scam is that the email address from which it is sent is not an official Apple email address. This is one of the first things you should look at if you ever get such an email.  However, even if the email address appears to be legitimate, a sophisticated scammer is able to mask the email address from which he or she is really sending the email so merely because the email appears to come from a legitimate email address is not grounds for trusting it.  Another indication that this is a scam is that it is addressed to “Dear customers” which not only does not use your name, but uses the plural “customers” which is odd.  A real receipt would include both your name and your account number.  You can hover your mouse over any link in emails that you may receive in order to learn where you are being sent if you click on the link.  In this case, it would not have sent you to an Apple website.  The best course of action if you receive such an email and you think that it may be legitimate, is to contact the company, in this case Apple, directly rather than through the link in the email.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”