A new iTunes email scam has been uncovered which attempts to trick users into revealing their credit card numbers, according to a recent report issued by Malwarebytes.

The latest iTunes email scam targets users of iTunes and offers them a refund for a purchase that has been made using their iTunes account, suggesting that they have already been affected by a scam. In order to receive the refund, users must provide their Apple ID, password, and credit card details so that the refund can be processed.

Emails have been sent to iTunes account holders telling them that their account has been fraudulently used to purchase an app valued at £34.99 ($53), with the emails containing a fake receipt for the purchase. The app in question is provided by CoPilot Premium HD, a supposed navigation service. The receipt contains a link that the recipient must click to have the refund issued if the purchase is not genuine.

There is of course no such app, and the high price is perhaps a warning that something is amiss. Unfortunately for users looking to protect themselves from fraud, the very actions they take to protect themselves will actually ensure they do become victims.

Not the Only iTunes Email Scam Recently Uncovered

This is not the only email phishing scam to have been sent to Apple users in recent weeks. Another email spam campaign attempts to get users to click a link to update their credit/debit card, which the email claims is about to expire. Users are asked to click the link and enter their new card details, including the CSC code on the reverse of their card, as well as the new expiry date.

As with many email scams of this nature, the email carries a threat of account suspension if the recipient does not comply. In this case, users have little time to respond. The email link is said to expire in one hour’s time if it is not clicked, reducing the time users have to verify whether the email is in fact genuine.

They are provided with a link to store.apple.com which is seemingly genuine; however, hovering over the link will reveal that the link directs them to a different location.

There are other common tell-tale signs that the email is a fake, even though the correspondence does contain seemingly genuine Apple imagery and appears to have been sent from Apple’s customer service department. One of the most telling signs is the volume of spelling mistakes contained in the email. Any email sent by Apple is likely to have at least been run through a spell check before being used as a template for millions of Apple device owners, so this volume of mistakes is a sure sign that the email is not genuine.

The email contains spelling and grammatical errors, such as informing the recipient that the link will “expire one hours after the email was sent.” Another is iPhone “ore” iPads, and “feature” is spelled “feauter.”

The advice to all Apple users is to take time to carefully read any email sent from Apple, and to attempt to verify any request to provide ID numbers or financial information.