I Got Scammed on Apple Pay! What Can I Do?
When Sophia Rosenbaum went looking for tickets to a sold-out Ariana Grande concert, she ran into more than her fair share of scammers on Facebook Marketplace. So, when she found a ticket seller who seemed legitimate, she took extra precautions.
After speaking with the seller over audio chat multiple times, she was confident that he wasn’t a fraudster. She still felt good about the transaction after he insisted that she send him money over Apple Cash — a payment system similar to Venmo or Cash App.
That was, until he accepted her transfer and disappeared [*].
Scams that take advantage of digital wallets and mobile payment apps like Apple Pay or Apple Cash are on the rise. According to the U.S. Public Interest Research Group (PIRG), fraud complaints from digital payment systems have increased by 12% from January to November in 2022 [*].
Most consumers don’t realize that once money leaves a mobile wallet, there are few ways to get it back.
So, how do you protect yourself against scams and fraudsters when using Apple Pay to send cash or make payments? In this guide, we’ll explain how Apple Pay scams work, the red flags and common scams to watch out for, and how to keep your money safe.
How Does Apple Pay Work? Why Do Scammers Use It?
Apple Pay is a digital wallet and contactless payment technology designed exclusively for Apple devices.
With 85% of U.S. retailers accepting Apple Pay [*], there’s a good chance that you’ve already tapped your iPhone or Apple Watch to make a payment using this platform. You can also use it on your Mac or iPad to pay for services, shop online, and sign up for subscriptions (like Apple Music or TV).
Here’s how it works:
- First, you link a credit or debit card to your Apple Pay account. This could include MasterCard, Visa, American Express, or even payment cards associated with U.S. Federal programs such as GSA SmartPay and Social Security.
- Then, when you see the Apple Pay logo (or use a website that accepts Apple Pay), you can pay using your linked card on your device. You don’t even have to use your PIN, as you can verify the payment using biometric information such as your fingerprint or facial scan.
- But instead of simply sharing your card information, Apple Pay creates a unique transaction code and device-specific code for every purchase. This means that even if you make a purchase on a shady website, scammers can’t steal your credit card numbers.
But just because scammers can’t steal your credit card numbers using Apple Pay doesn’t mean they can’t steal your money.
Apple Cash is a feature that allows you to send money to other Apple Pay users.
Criminals target Apple Cash because it’s a peer-to-peer digital wallet that doesn’t offer buyer protection. While federal laws cap your liability for credit card fraud at $50 (and many companies offer $0 liability policies), those same laws don’t apply to digital payment systems like Apple or Google Pay.
If you send a scammer money over Apple Cash, it’s essentially gone — you can’t initiate a chargeback or request a refund, making every transaction a potential risk.
Also, if scammers gain access to your Apple Pay account, it means they don’t need your physical credit or debit card or your PIN.
7 Ways Fraudsters Try To Scam You Using Apple Pay
- Buying big ticket items with stolen credit card details on Apple Pay
- Fake lottery or sweepstakes scams that steal your personal information
- Overpayment scams on online marketplaces
- Phishing text messages that claim your Apple Pay account has been compromised
- Hacking your account information over unsecured Wi-Fi networks
- Receiving unsolicited payments (or requests) via Apple Pay
- Bots that steal your Apple Pay two-factor authentication (2FA) codes
Apple Pay is generally secure and safe to use in most situations. But there are ways that scammers can take advantage of Apple Pay to steal your money.
1. Buying big ticket items with stolen credit card details on Apple Pay
Apple Pay offers one of the easiest methods to pay for items on Facebook Marketplace or other online marketplaces. But scammers take advantage of this ease of use to scam you when you’re selling hard-to-find items online.
In this scam, fraudsters connect a stolen credit card (usually purchased off the Dark Web after a data breach) to their Apple Pay wallet. Then, they search for big-ticket items on sites like eBay or Facebook Marketplace and offer to pay for these items through Apple Pay.
But when the original card owner files a fraud dispute against the transaction, the seller loses both the money and the product.
The same scam can also be run in reverse: scammers accept your payment without sending the promised product.
How to avoid this scam:
Treat Apple Cash as if you are handing someone physical cash. If you don’t know them, don’t send them money.
2. Fake lottery or sweepstakes scams that steal your personal information
In this scam, their goal is to get you to click on the link, which directs you to a fake Apple Pay website through which you can request the alleged prize money. Then, scammers use the information you provide — such as your name, address, and payment information — to steal money from your wallet.
How to avoid this scam:
Always be cautious when clicking on links in unsolicited texts and emails. Click on the padlock symbol of the website you’re taken to, and look for signs that it’s legitimate — such as verification that you are using the official “Apple.com” domain which includes a valid SSL certificate.
3. Overpayment scams on online marketplaces
Overpayment scams are among the most common schemes you’ll find when using payment systems (like Cash App and Venmo). In this scam, fraudsters contact you about an item you have for sale. Once you agree on a price, they’ll “accidentally” send you too much money.
Then, they’ll ask you to refund them via Apple Cash or a similar digital wallet. But in reality, the scammer used stolen credit card details to make the original payment. When the true card owner files a dispute, you’ll lose both the money for your product and the amount you “refunded” to the scammer.
How to avoid this scam:
Be extremely cautious if someone “accidentally” sends you too much money. Never refund to a different payment platform other than the one used for the original transaction. Always wait for the payment to clear before sending products or refunds.
4. Phishing text messages that claim your Apple Pay account has been compromised
Fraudsters often try to create a sense of urgency in order to get you to act quickly (this is called a social engineering attack). In this scam, you receive a text message or Apple phishing email claiming that there’s an issue with your Apple Pay account — it’s been suspended or hacked — and you need to verify your identity.
But if you click on the link, you’ll be taken to a phishing website designed to steal your credit card and personal information.
How to avoid this scam:
Never enter personal or financial information on a website that was linked in an unsolicited text message or email. This is one of the most common types of phishing attacks. Instead, always reach out to Apple Support directly at support.apple.com/contact to see if there are issues with your account.
5. Hacking your account information over unsecured Wi-Fi networks
Hackers use “man-in-the-middle” (MiTM) attacks to intercept your data while you’re out in public. For example, if you enter your credit card information into Apple Pay while using public Wi-Fi, a hacker could steal your information and use it for financial fraud.
In more sophisticated examples, scammers create devices designed to mimic payment terminals and fool you into giving them access to your Apple Pay account.
In one example, ethical hackers showed how they could create fake payment terminals at train stations and use them to siphon funds out of Apple Pay accounts.
How to avoid this scam:
Never enter sensitive information onto websites or apps while using public Wi-Fi. Instead, turn on your mobile data or wait until you know you’re on a secured network. For added protection, consider using a Virtual Private Network (VPN). This is a tool that encrypts your data and hides your location so that hackers can’t spy on you.
6. Receiving unsolicited payments (or requests) via Apple Pay
If you receive a strange payment or request for payment on Apple Pay, it’s most likely a scam. Here’s why:
- Unsolicited Apple Pay payments. In this case, a scammer is most likely using a stolen credit card. If you accept the payment, they’ll contact you and ask for a refund (or even tell you to keep some of it as a “reward”). But when the card owner files a fraud dispute, the money will be taken out of your account.
- Unsolicited requests for payment on Apple Pay. In this case, a scammer is purporting to be a company you know and trust — like Apple, Samsung, Amazon, or others — to try and get you to pay. Imposter scams were the most reported scam category in 2021, with losses of $2.3 billion, according to the Federal Trade Commission (FTC) [*].
How to avoid this scam:
Never send Apple Cash payments to people you don’t know. If you receive a request for money from a company, verify it in your account. Most legitimate companies won’t send you requests over payment methods like Apple Pay, Venmo, or Zelle.
7. Bots that steal your Apple Pay two-factor authentication (2FA) codes
Criminals on Telegram are sharing a new Apple Pay scam that gives them access to your account — and your money.
In this scam, hackers use bots to automatically call your phone number and trick you into handing over your Apple Pay 2FA codes [*].
Using 2FA codes is a secondary security measure that requires a special passcode to access your account. If scammers already have your Apple ID and password, all they need is your 2FA code to take over your account.
In one example, a scammer successfully used this scheme to buy more than $20,000 in gift cards with a hacked Apple Pay account.
How to avoid this scam:
Never give out 2FA codes on the phone, in text messages and social media DMs, or in emails. Legitimate customer support agents will never ask for these codes. If someone wants you to give yours up, you’re dealing with a scammer.
Were You Scammed on Apple Pay? Do This Now!
If a scammer tricked you on Apple Pay, you have a few options for getting your money back and protecting your account. Here’s what to do:
Report the transaction
Apple Cash is a peer-to-peer money transfer service that doesn’t include buyer protection. Unfortunately, this means that an Apple Cash transfer can’t be reversed (because you authorized the transfer).
But if you used Apple Pay to send money to a fraudulent store or scammer, you can dispute the transaction.
Go to Latest Transactions and select the fraudulent payment that you wish to dispute.
Then, click on Report an Issue → Incorrect Merchant Info → Merchant Name, Merchant Category or Other Issue.
💡 Related: Can iPhones Get Hacked? How To Tell & What To Do →
Cancel the payment
In the off chance that the scammer hasn’t yet accepted your payment, you can try to cancel it.
To cancel an Apple Cash transfer, open iMessage and find the conversation you’ve had with the scammer. Select Payment. Then, in the wallet app, click Latest Transaction and select the payment you want to cancel.
If the Cancel Payment option isn’t there, the scammer has already accepted the payment, and Apple can’t refund you.
Update your passwords and enable 2FA
If scammers get access to your Apple ID, they can take over your phone, email, and more.
Whenever you think you’ve been scammed, make sure to update your passwords and security questions. Choose unique passwords that are at least eight characters long and include a combination of letters, numbers, and special characters.
For added security, enable 2FA with an authenticator app (not over SMS). And to keep all your passwords organized so that you won’t lose or forget them, sign up for a secure password manager like the one that is included with every Aura plan.
Contact your bank and tell them you’ve been the victim of fraud
Minimize the damage scammers can do by contacting your bank’s fraud department and telling them what happened.
Bank and credit card fraud departments should be able to walk you through the next steps, which might include closing your accounts and setting up new ones. For even more protection, consider freezing your credit as well.
💡 Related: How To Write a Credit Dispute Letter (Free Template) →
How to Avoid Getting Scammed on Apple Pay
- Only send money to family and friends. Treat Apple Cash the same way you would handle physical cash.
- Be cautious on public Wi-Fi. Don’t enter sensitive information when on public Wi-Fi networks. If you must, make sure you’re using a VPN.
- Enable added security (2FA, biometrics, etc.). Secure your devices and your Apple Pay account with unique passcodes and additional measures, such as 2FA and Touch ID or Face ID.
- Never give out your 2FA codes. Also, never give out your Apple ID or password. No legitimate customer support agent will need this information.
- Learn the warning signs of phishing scams. Stay up to date with the latest phishing scams designed to steal your sensitive information.
- Use a credit card instead of a debit card on Apple Pay. Financial institutions and card issuers protect against credit card losses. But if you link your debit card, you’re essentially giving scammers free access to your bank account.
- Regularly check your credit report and bank statements. Scammers are almost always after your financial accounts. Check for the warning signs of identity theft — such as strange charges on your bank statement or accounts you don’t recognize. An identity theft protection service like Aura can monitor your credit and statements for you and alert you to any signs of fraud.
- Report payment requests from people you don’t know. You can send any phishing scam email or unsolicited payment request to email@example.com. Or, in your messages app, tap “Report Junk” so that Apple can take action against the scammer.
- Receive payments manually (instead of automatically). This will stop you from accidentally receiving an unsolicited payment. To enable this feature, go to Settings and click Wallet & Apple Pay. Next, click on your Apple Cash card to view options and select Manually Accept Payment.
- Review details before sending cash. Make sure you’re sending money to the right person before you click “send.” You can confirm that the payment went through in your recent transactions list.
- Regularly review your recent transactions in Apple Pay. Make sure you recognize all recent transactions. If something looks suspicious, dispute the charge on your Apple Card.
- Consider signing up for identity theft protection. Aura’s top-rated identity theft protection monitors all of your most sensitive personal information, online accounts, and finances for signs of fraud. If a scammer tries to access your accounts or finances, Aura can help you take action before it’s too late. Try Aura’s 14-day free trial for immediate protection while you’re most vulnerable.
The Bottom Line: Stay Safe From Apple Pay Scammers
Apple Pay is a convenient way to pay for items or send cash to friends. But like any payment system, it’s a prime target for scammers.
Stay safe by only sending money to people you know and avoiding common phishing and social engineering attacks. And for added security, consider signing up for Aura.