A new warning has been issued to iPhone users this week, alerting them to a scam draining people's bank accounts. Fake 'Apple Pay fraud alerts' are being sent via text messages to victims, claiming there is a problem with their account, such as a purchase was attempted or declined, prompting immediate action. If victims call the number or click the link, they are connected to scammers posing as Apple Support, banks or even law enforcement officials. The fraudsters often claim the victim's money is in immediate danger and may use stolen personal details to make the threat seem believable.
Tactics Used to Pressure Victims in the Scam
Victims are then pressured to act quickly, often told to move money to a so-called 'safe' account, withdraw cash or send funds through Apple Pay, Apple Cash or gift cards. ConsumerAffairs, a consumer advocacy organization, released details about the scam on Wednesday, saying there are several warning signs consumers should watch for, including unexpected messages about Apple Pay activity, requests to call a phone number included in a text or email, and pressure to act quickly. Requests for passwords, security codes or instructions to move money, especially if someone tells you to lie to your bank, are also major red flags.
Apple's Warning About Unsolicited Messages
Apple has repeatedly said that it does not send unsolicited texts asking customers to call support or provide sensitive information. If you receive a suspicious message, experts advise not clicking links or calling numbers provided in the message. The scheme is designed to trick people into authorizing the payment themselves, making it extremely difficult to recover the stolen money once it's sent. Experts at ConsumerAffairs, a consumer advocacy organization, released details about the scam on Wednesday, saying: 'In one case, a victim received a text warning of a suspicious Apple Pay charge and was urged to call a number for help. 'The call connected her directly to a scammer posing as an official investigator, who ultimately convinced her to withdraw $15,000. Fortunately, a bank teller recognized the scam and told her to hang up.'
Unlike traditional hacking, these scams rely on social engineering, manipulating people rather than breaking into computer systems, ConsumerAffairs reported. 'Apple Pay itself is secure, but scammers exploit trust in the brand and the speed of digital payments,' the organization added. Instead, users should check their Apple Pay activity directly on their device and contact Apple or their bank using official phone numbers or websites. Anyone who believes they have been targeted should immediately stop any transactions, notify their bank or card issuer, and report the incident to authorities such as the Federal Trade Commission. Authorities warn that Apple Pay scams are spreading because they are simple, convincing and highly effective.
Experts said the most important defense is slowing down because messages designed to create urgency or fear are often the first sign that something isn't right. Details about the new scam come as Apple released an emergency iOS update last week urging millions of iPhone users to download it now. The company expanded the availability of its iOS 18.7.7 and iPadOS 18.7.7 updates to a much wider range of devices warning that the software contains critical protections against a cyberattack method known as DarkSword. Apple said this allows more users with automatic updates enabled to receive protection from what it described as web-based attacks. The DarkSword exploit kit first identified in 2025 is designed to target vulnerable Apple devices and secretly install malicious software. Security researchers said the attack is triggered when a user visits a legitimate website that has been secretly infected with malicious code—a tactic known as a 'watering hole attack.'
Once activated the malware can install hidden backdoors that allow hackers to maintain long-term access to a device and steal sensitive information. Experts warned that a newer version of the hacking tool has now leaked online raising fears that additional cybercriminal groups could begin using it in broader attacks. Users who believe they may be targets of such attacks particularly journalists activists or those handling sensitive information are advised to enable Apple's Lockdown Mode by going to Settings selecting Privacy & Security tapping Lockdown Mode and following the prompts to turn it on and restart their device.