How could a scammer know the apps on my phone / iTunes account?How much information, at maximum, can a phisher/scammer obtain?Is the following e-mail fraud technically possible?Isn't the BBC being extremely irresponsible in describing how to authenticate an account-related email?Facebook messages with a suspicious link, what information can they get if I dont enter any details?Was coerced into setting up 2 Google Phone Accounts and don't know how to delete themIs it dangerous for a scammer to know just your name and birthday?Almost fell for “tech support” scam - what is the risk?Am I at risk for giving my email, name and phone number to a scammer?Why would a scammer ask for creation of a new email account?Finding out if a series of job emails from the same person are a scam or a way of tracking/phishing?
Word for a person who has no opinion about whether god exists
Welcoming 2019 Pi day: How to draw the letter π?
Cultural lunch issues
Variant calling without matched normal sample
How to deal with a cynical class?
Function to parse .NET composite string format
Upper bound for the number of solutions of a Diophantine equation
Why is searching for a value in an object by key slower than using 'for in' in js?
How is the Swiss post e-voting system supposed to work, and how was it wrong?
Did CPM support custom hardware using device drivers?
Can the damage from a Talisman of Pure Good (or Ultimate Evil) be non-lethal?
Could the Saturn V actually have launched astronauts around Venus?
Bastion server: use TCP forwarding VS placing private key on server
Is Mortgage interest accrued after a December payment tax deductible?
Specifying author pseudonyms in BibLaTeX
Why is stat::st_size 0 for devices but at the same time lseek defines the device size correctly?
Why is a Java array index expression evaluated before checking if the array reference expression is null?
Make a transparent 448*448 image
Can unconscious characters be unwilling?
Why are the outputs of printf and std::cout different
How to explain that I do not want to visit a country due to personal safety concern?
Is having access to past exams cheating and, if yes, could it be proven just by a good grade?
Replacing Windows 7 security updates with anti-virus?
Meaning of "SEVERA INDEOVI VAS" from 3rd Century slab
How could a scammer know the apps on my phone / iTunes account?
How much information, at maximum, can a phisher/scammer obtain?Is the following e-mail fraud technically possible?Isn't the BBC being extremely irresponsible in describing how to authenticate an account-related email?Facebook messages with a suspicious link, what information can they get if I dont enter any details?Was coerced into setting up 2 Google Phone Accounts and don't know how to delete themIs it dangerous for a scammer to know just your name and birthday?Almost fell for “tech support” scam - what is the risk?Am I at risk for giving my email, name and phone number to a scammer?Why would a scammer ask for creation of a new email account?Finding out if a series of job emails from the same person are a scam or a way of tracking/phishing?
I received an email with the subject "Your invoice from Apple #xxxxx".
It then continues by: "[...] your payment from "Pokemon Go was accepted [...]". That line made me sceptical. I just downloaded the app recently. How could the scammer know this? Was it just a good guess?
I assume it to be scam since:
- The sender is surpressed
- Typos
- No Username / data
- Generic text
- A suspicious little pdf
- Not the signature / style from your friendly, expensive fruit seller tech company
Some online warning sites already caught up on it
What I could think of:
- Another free app reports my other apps to the vendor
- A site I often visit has cookies that I was looking up stuff from
let's go pikachu - My account could actually be compromized and someone has access to my records
- Many people have the app installed
If only a fraction of the people who have the app open the attached pdf the scammer wins.
Anyway, how could this be and what counter messurements can I apply?
email phishing scam
asked 6 hours ago
PeterPeter
1336
New contributor
Peter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
I received an email with the subject "Your invoice from Apple #xxxxx".
It then continues by: "[...] your payment from "Pokemon Go was accepted [...]". That line made me sceptical. I just downloaded the app recently. How could the scammer know this? Was it just a good guess?
I assume it to be scam since:
- The sender is surpressed
- Typos
- No Username / data
- Generic text
- A suspicious little pdf
- Not the signature / style from your friendly, expensive fruit seller tech company
Some online warning sites already caught up on it
What I could think of:
- Another free app reports my other apps to the vendor
- A site I often visit has cookies that I was looking up stuff from
let's go pikachu - My account could actually be compromized and someone has access to my records
- Many people have the app installed
If only a fraction of the people who have the app open the attached pdf the scammer wins.
Anyway, how could this be and what counter messurements can I apply?
email phishing scam
asked 6 hours ago
PeterPeter
1336
New contributor
Peter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
"Many people have the app installed and some people that actually have it open the pdf without hestitation" what do you mean by this? Is there a .pdf attached to the email? Im quite confused where "the pdf" is coming from
– Flying Thunder
5 hours ago
Why is this obviously a scam? It's been a while since I bought something from the app store but isn't this typically what happens after a purchase? You get an email confirmation. What exactly about this makes you think it's a scam?
– JimmyJames
5 hours ago
6
If you have pokemon go, it catches your interest because it seems more legitimate. If you don't have that app, it catches your interested because, who just bought that on my account?! Either way they have had an effect on you.
– JPhi1618
4 hours ago
add a comment |
I received an email with the subject "Your invoice from Apple #xxxxx".
It then continues by: "[...] your payment from "Pokemon Go was accepted [...]". That line made me sceptical. I just downloaded the app recently. How could the scammer know this? Was it just a good guess?
I assume it to be scam since:
- The sender is surpressed
- Typos
- No Username / data
- Generic text
- A suspicious little pdf
- Not the signature / style from your friendly, expensive fruit seller tech company
Some online warning sites already caught up on it
What I could think of:
- Another free app reports my other apps to the vendor
- A site I often visit has cookies that I was looking up stuff from
let's go pikachu - My account could actually be compromized and someone has access to my records
- Many people have the app installed
If only a fraction of the people who have the app open the attached pdf the scammer wins.
Anyway, how could this be and what counter messurements can I apply?
email phishing scam
asked 6 hours ago
PeterPeter
1336
New contributor
Peter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I received an email with the subject "Your invoice from Apple #xxxxx".
It then continues by: "[...] your payment from "Pokemon Go was accepted [...]". That line made me sceptical. I just downloaded the app recently. How could the scammer know this? Was it just a good guess?
I assume it to be scam since:
- The sender is surpressed
- Typos
- No Username / data
- Generic text
- A suspicious little pdf
- Not the signature / style from your friendly, expensive fruit seller tech company
Some online warning sites already caught up on it
What I could think of:
- Another free app reports my other apps to the vendor
- A site I often visit has cookies that I was looking up stuff from
let's go pikachu - My account could actually be compromized and someone has access to my records
- Many people have the app installed
If only a fraction of the people who have the app open the attached pdf the scammer wins.
Anyway, how could this be and what counter messurements can I apply?
email phishing scam
email phishing scam
asked 6 hours ago
PeterPeter
1336
New contributor
Peter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 6 hours ago
PeterPeter
1336
New contributor
Peter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 3 hours ago
Peter
asked 6 hours ago
PeterPeter
1336
New contributor
Peter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 6 hours ago
PeterPeter
1336
asked 6 hours ago
PeterPeter
1336
1336
New contributor
Peter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Peter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Peter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
"Many people have the app installed and some people that actually have it open the pdf without hestitation" what do you mean by this? Is there a .pdf attached to the email? Im quite confused where "the pdf" is coming from
– Flying Thunder
5 hours ago
Why is this obviously a scam? It's been a while since I bought something from the app store but isn't this typically what happens after a purchase? You get an email confirmation. What exactly about this makes you think it's a scam?
– JimmyJames
5 hours ago
6
If you have pokemon go, it catches your interest because it seems more legitimate. If you don't have that app, it catches your interested because, who just bought that on my account?! Either way they have had an effect on you.
– JPhi1618
4 hours ago
add a comment |
"Many people have the app installed and some people that actually have it open the pdf without hestitation" what do you mean by this? Is there a .pdf attached to the email? Im quite confused where "the pdf" is coming from
– Flying Thunder
5 hours ago
Why is this obviously a scam? It's been a while since I bought something from the app store but isn't this typically what happens after a purchase? You get an email confirmation. What exactly about this makes you think it's a scam?
– JimmyJames
5 hours ago
6
If you have pokemon go, it catches your interest because it seems more legitimate. If you don't have that app, it catches your interested because, who just bought that on my account?! Either way they have had an effect on you.
– JPhi1618
4 hours ago
"Many people have the app installed and some people that actually have it open the pdf without hestitation" what do you mean by this? Is there a .pdf attached to the email? Im quite confused where "the pdf" is coming from
– Flying Thunder
5 hours ago
"Many people have the app installed and some people that actually have it open the pdf without hestitation" what do you mean by this? Is there a .pdf attached to the email? Im quite confused where "the pdf" is coming from
– Flying Thunder
5 hours ago
Why is this obviously a scam? It's been a while since I bought something from the app store but isn't this typically what happens after a purchase? You get an email confirmation. What exactly about this makes you think it's a scam?
– JimmyJames
5 hours ago
Why is this obviously a scam? It's been a while since I bought something from the app store but isn't this typically what happens after a purchase? You get an email confirmation. What exactly about this makes you think it's a scam?
– JimmyJames
5 hours ago
6
6
If you have pokemon go, it catches your interest because it seems more legitimate. If you don't have that app, it catches your interested because, who just bought that on my account?! Either way they have had an effect on you.
– JPhi1618
4 hours ago
If you have pokemon go, it catches your interest because it seems more legitimate. If you don't have that app, it catches your interested because, who just bought that on my account?! Either way they have had an effect on you.
– JPhi1618
4 hours ago
add a comment |
5 Answers
5
active
oldest
votes
It's a game of probability and chances are high that you might have one of the most popular apps in history installed on your device.
My guess is that the scammer does not know anything about you. The app in question is widely popular and one of the most successful apps on both iOS and Android. An attacker may just send out large amounts of mails containing such "most probable apps"/"best guesses". It would have been the same if the scammer sent an invoice for WhatsApp, which you most probably have installed on your device.
This tactic can also be observed in other recent spam waves like the notorious sextorion scam where the attacker sends a rather ominous remark about your porn preferences:
i installed a software on the adult videos (pornographic material) web-site [...] 1st part displays the video you were viewing (you’ve got a nice taste haha)
So to sum it up, this is most likely just a wild, but very probable guess, and you are not compromised. Countermeasures in this case: delete the email, go catch some Pokémon and have fun.
answered 5 hours ago
SeeYouInDisneylandSeeYouInDisneyland
875319
1
I received that mail too, but don't have a Apple/iTunes Account/Device, nor bought something in PokemonGo (but had it installed on my Android Devices) so that mail was instantly deleted as scam for me because i don't apply to my in any way. I also received a mail in the past regarding a invoice of WhatsApp (befor it was entirely free) that a monthly subscription has been paid
– Serverfrog
3 hours ago
add a comment |
Pokemon Go is a very popular app. I would not be surprised if that email was being scatter-gunned to see who might panic and do what the phishing email wants. The other possibilities include:
- Niantic (the devs of Pokemon Go) has been compromised - not very likely
- The providers of another app on your phone have detected you use it and have sold that info onto someone else.
- The attackers know either you have a Pokemon Go or an Apple account - not necessarily both.
- You yourself provided that information somewhere
- Another one of your accounts, where you have used your email address and talked about Pokemon Go on iPhone, has been compromised
answered 5 hours ago
520520
24113
add a comment |
Former Apple Inc. employee here. I have seen some shady stuff on people's phones and what you're experiencing isn't new--I have received the same emails. That's how they phish people. They get receivers of the email to contact them, then try to dispute the charge, unknowingly giving over private information to help "resolve" the issue. If your account has been compromised, they can see your app purchases. Purchases include free downloads. Here's what I'd suggest to check:
- Firstly, check the email address from the email. If it's non-Apple, dismiss it.
- Check the devices associated with your phone. Settings>Your Name(top). There, if you scroll down, you should see a list of your Apple Devices. If you do not recognize one. You may have someone signed in to your account.
- Check your "Family Sharing" tab. If you are a part of a family you shouldn't be, you may be compromised. (Settings>Your Name>Family Sharing)
- Check to see if there is a "Profile" on your phone. This is popular with business phones to monitor employees, but some people use this maliciously. (Settings>General ... scroll and look for something that may not belong).
- This one is tricky, make sure when you're connected to wifi, you're on a known secure network. Users often join networks to save their data, but I personally have known people to travel with a hotspot in populated areas to get people to connect to it. From there, they can find a way to mess with your device or information. Same goes with connecting to those free chargers in public spaces, like at airports -- be very wary.
Hope this helps someone
answered 2 hours ago
user201921user201921
211
New contributor
user201921 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
If there is no actual email header even to special email clients that can show invisible email header info...then you need to suspect that it did not arrive by email. No header is like letter without address, won't get delivered.
This can happen at the email server if server is running a bad app or otherwise got intrusion. If its Apple mail or other really big and professional provider, I would not expect this. But college email servers and other lower level or private providers might occasionally have issues.
* Its possible for another "bad" app on your phone to inject stuff into your email queue if you are not using webmail. * I would not expect this if all your apps are through Apple Store/iTunes.
But if you jail broke your iPhone to add any unapproved apps...
now is the time to re-evaluate them. Even if they appear to deliver the promised functions (game?/game hack), they may also do something else as well.
answered 2 hours ago
NotSoSimpleNotSoSimple
11
New contributor
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Answer void in light of updated info in question.
Sounds like a valid invoice for an in-app purchase. Invoice in this case just means receipt - not that you need make additional payment action. So just Apple notifying you its processing the payment and that the source was from (within) Pokemon Go.
But info for scammers is readily available. Its all part of the marketing frenzy that has been building since the mid-1990s. Lots of websites and businesses trade marketing data to help sell products. Lots bad security on those databases or legitimate sales with too few questions asked.
Read those OS and application EULAs. Getting marketing data about your interests to vendors who might sell similar or connected products is an intrinsic part of commercial OS and apps -- and even ISO standards. Cookies are just one avenue for direct query of your phone/computer. Almost 20 years ago I was surprised as a neophyte web administrator that Microsoft websites automatically harvested the default email address of every website user. A legitimate HTTP query from server which even compliant open source software must have the ability to honor (but can default responding to be off).
To be honest, I would not be surprised if most web browers cough up matching app info to the right webserver queries. Apple/iTunes is a LOT better about privacy from vendors than Android/PlayStore but not immune I bet. iTunes itself may let registered vendors indirectly send messages to app owners based on specified criteria...for a fee. I would expect Apple policy is to review such messages first but everyone has bad or rushed days. I do not know actual details though since I am not a registered vendor.
edited 2 hours ago
schroeder♦
77.5k30171207
answered 3 hours ago
NotSoSimpleNotSoSimple
11
New contributor
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
So go through all the options about privacy on your ITunes account as well as iOS and each browser and app. App notices is a new buzzword to ways vendors can intrude into privacy.
– NotSoSimple
3 hours ago
Hey, I added lines that build up to my suspicion. This is almost definitly not from apple / iTunes
– Peter
3 hours ago
Right email client can see actual header. Suppressing visible email header is not as suspicious as you might think. Some big companies do it to keep people from replying to unmonitored email address.
– NotSoSimple
3 hours ago
But Yeah big alert if more than one typo & attaching PDF without comment especially when size says it could have been inline.
– NotSoSimple
3 hours ago
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "162"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Peter is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f205340%2fhow-could-a-scammer-know-the-apps-on-my-phone-itunes-account%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
5 Answers
5
active
oldest
votes
5 Answers
5
active
oldest
votes
active
oldest
votes
active
oldest
votes
It's a game of probability and chances are high that you might have one of the most popular apps in history installed on your device.
My guess is that the scammer does not know anything about you. The app in question is widely popular and one of the most successful apps on both iOS and Android. An attacker may just send out large amounts of mails containing such "most probable apps"/"best guesses". It would have been the same if the scammer sent an invoice for WhatsApp, which you most probably have installed on your device.
This tactic can also be observed in other recent spam waves like the notorious sextorion scam where the attacker sends a rather ominous remark about your porn preferences:
i installed a software on the adult videos (pornographic material) web-site [...] 1st part displays the video you were viewing (you’ve got a nice taste haha)
So to sum it up, this is most likely just a wild, but very probable guess, and you are not compromised. Countermeasures in this case: delete the email, go catch some Pokémon and have fun.
answered 5 hours ago
SeeYouInDisneylandSeeYouInDisneyland
875319
1
I received that mail too, but don't have a Apple/iTunes Account/Device, nor bought something in PokemonGo (but had it installed on my Android Devices) so that mail was instantly deleted as scam for me because i don't apply to my in any way. I also received a mail in the past regarding a invoice of WhatsApp (befor it was entirely free) that a monthly subscription has been paid
– Serverfrog
3 hours ago
add a comment |
It's a game of probability and chances are high that you might have one of the most popular apps in history installed on your device.
My guess is that the scammer does not know anything about you. The app in question is widely popular and one of the most successful apps on both iOS and Android. An attacker may just send out large amounts of mails containing such "most probable apps"/"best guesses". It would have been the same if the scammer sent an invoice for WhatsApp, which you most probably have installed on your device.
This tactic can also be observed in other recent spam waves like the notorious sextorion scam where the attacker sends a rather ominous remark about your porn preferences:
i installed a software on the adult videos (pornographic material) web-site [...] 1st part displays the video you were viewing (you’ve got a nice taste haha)
So to sum it up, this is most likely just a wild, but very probable guess, and you are not compromised. Countermeasures in this case: delete the email, go catch some Pokémon and have fun.
answered 5 hours ago
SeeYouInDisneylandSeeYouInDisneyland
875319
1
I received that mail too, but don't have a Apple/iTunes Account/Device, nor bought something in PokemonGo (but had it installed on my Android Devices) so that mail was instantly deleted as scam for me because i don't apply to my in any way. I also received a mail in the past regarding a invoice of WhatsApp (befor it was entirely free) that a monthly subscription has been paid
– Serverfrog
3 hours ago
add a comment |
It's a game of probability and chances are high that you might have one of the most popular apps in history installed on your device.
My guess is that the scammer does not know anything about you. The app in question is widely popular and one of the most successful apps on both iOS and Android. An attacker may just send out large amounts of mails containing such "most probable apps"/"best guesses". It would have been the same if the scammer sent an invoice for WhatsApp, which you most probably have installed on your device.
This tactic can also be observed in other recent spam waves like the notorious sextorion scam where the attacker sends a rather ominous remark about your porn preferences:
i installed a software on the adult videos (pornographic material) web-site [...] 1st part displays the video you were viewing (you’ve got a nice taste haha)
So to sum it up, this is most likely just a wild, but very probable guess, and you are not compromised. Countermeasures in this case: delete the email, go catch some Pokémon and have fun.
answered 5 hours ago
SeeYouInDisneylandSeeYouInDisneyland
875319
It's a game of probability and chances are high that you might have one of the most popular apps in history installed on your device.
My guess is that the scammer does not know anything about you. The app in question is widely popular and one of the most successful apps on both iOS and Android. An attacker may just send out large amounts of mails containing such "most probable apps"/"best guesses". It would have been the same if the scammer sent an invoice for WhatsApp, which you most probably have installed on your device.
This tactic can also be observed in other recent spam waves like the notorious sextorion scam where the attacker sends a rather ominous remark about your porn preferences:
i installed a software on the adult videos (pornographic material) web-site [...] 1st part displays the video you were viewing (you’ve got a nice taste haha)
So to sum it up, this is most likely just a wild, but very probable guess, and you are not compromised. Countermeasures in this case: delete the email, go catch some Pokémon and have fun.
answered 5 hours ago
SeeYouInDisneylandSeeYouInDisneyland
875319
answered 5 hours ago
SeeYouInDisneylandSeeYouInDisneyland
875319
answered 5 hours ago
SeeYouInDisneylandSeeYouInDisneyland
875319
answered 5 hours ago
SeeYouInDisneylandSeeYouInDisneyland
875319
875319
1
I received that mail too, but don't have a Apple/iTunes Account/Device, nor bought something in PokemonGo (but had it installed on my Android Devices) so that mail was instantly deleted as scam for me because i don't apply to my in any way. I also received a mail in the past regarding a invoice of WhatsApp (befor it was entirely free) that a monthly subscription has been paid
– Serverfrog
3 hours ago
add a comment |
1
I received that mail too, but don't have a Apple/iTunes Account/Device, nor bought something in PokemonGo (but had it installed on my Android Devices) so that mail was instantly deleted as scam for me because i don't apply to my in any way. I also received a mail in the past regarding a invoice of WhatsApp (befor it was entirely free) that a monthly subscription has been paid
– Serverfrog
3 hours ago
1
1
I received that mail too, but don't have a Apple/iTunes Account/Device, nor bought something in PokemonGo (but had it installed on my Android Devices) so that mail was instantly deleted as scam for me because i don't apply to my in any way. I also received a mail in the past regarding a invoice of WhatsApp (befor it was entirely free) that a monthly subscription has been paid
– Serverfrog
3 hours ago
I received that mail too, but don't have a Apple/iTunes Account/Device, nor bought something in PokemonGo (but had it installed on my Android Devices) so that mail was instantly deleted as scam for me because i don't apply to my in any way. I also received a mail in the past regarding a invoice of WhatsApp (befor it was entirely free) that a monthly subscription has been paid
– Serverfrog
3 hours ago
add a comment |
Pokemon Go is a very popular app. I would not be surprised if that email was being scatter-gunned to see who might panic and do what the phishing email wants. The other possibilities include:
- Niantic (the devs of Pokemon Go) has been compromised - not very likely
- The providers of another app on your phone have detected you use it and have sold that info onto someone else.
- The attackers know either you have a Pokemon Go or an Apple account - not necessarily both.
- You yourself provided that information somewhere
- Another one of your accounts, where you have used your email address and talked about Pokemon Go on iPhone, has been compromised
answered 5 hours ago
520520
24113
add a comment |
Pokemon Go is a very popular app. I would not be surprised if that email was being scatter-gunned to see who might panic and do what the phishing email wants. The other possibilities include:
- Niantic (the devs of Pokemon Go) has been compromised - not very likely
- The providers of another app on your phone have detected you use it and have sold that info onto someone else.
- The attackers know either you have a Pokemon Go or an Apple account - not necessarily both.
- You yourself provided that information somewhere
- Another one of your accounts, where you have used your email address and talked about Pokemon Go on iPhone, has been compromised
answered 5 hours ago
520520
24113
add a comment |
Pokemon Go is a very popular app. I would not be surprised if that email was being scatter-gunned to see who might panic and do what the phishing email wants. The other possibilities include:
- Niantic (the devs of Pokemon Go) has been compromised - not very likely
- The providers of another app on your phone have detected you use it and have sold that info onto someone else.
- The attackers know either you have a Pokemon Go or an Apple account - not necessarily both.
- You yourself provided that information somewhere
- Another one of your accounts, where you have used your email address and talked about Pokemon Go on iPhone, has been compromised
answered 5 hours ago
520520
24113
Pokemon Go is a very popular app. I would not be surprised if that email was being scatter-gunned to see who might panic and do what the phishing email wants. The other possibilities include:
- Niantic (the devs of Pokemon Go) has been compromised - not very likely
- The providers of another app on your phone have detected you use it and have sold that info onto someone else.
- The attackers know either you have a Pokemon Go or an Apple account - not necessarily both.
- You yourself provided that information somewhere
- Another one of your accounts, where you have used your email address and talked about Pokemon Go on iPhone, has been compromised
answered 5 hours ago
520520
24113
answered 5 hours ago
520520
24113
answered 5 hours ago
520520
24113
answered 5 hours ago
520520
24113
24113
add a comment |
add a comment |
Former Apple Inc. employee here. I have seen some shady stuff on people's phones and what you're experiencing isn't new--I have received the same emails. That's how they phish people. They get receivers of the email to contact them, then try to dispute the charge, unknowingly giving over private information to help "resolve" the issue. If your account has been compromised, they can see your app purchases. Purchases include free downloads. Here's what I'd suggest to check:
- Firstly, check the email address from the email. If it's non-Apple, dismiss it.
- Check the devices associated with your phone. Settings>Your Name(top). There, if you scroll down, you should see a list of your Apple Devices. If you do not recognize one. You may have someone signed in to your account.
- Check your "Family Sharing" tab. If you are a part of a family you shouldn't be, you may be compromised. (Settings>Your Name>Family Sharing)
- Check to see if there is a "Profile" on your phone. This is popular with business phones to monitor employees, but some people use this maliciously. (Settings>General ... scroll and look for something that may not belong).
- This one is tricky, make sure when you're connected to wifi, you're on a known secure network. Users often join networks to save their data, but I personally have known people to travel with a hotspot in populated areas to get people to connect to it. From there, they can find a way to mess with your device or information. Same goes with connecting to those free chargers in public spaces, like at airports -- be very wary.
Hope this helps someone
answered 2 hours ago
user201921user201921
211
New contributor
user201921 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Former Apple Inc. employee here. I have seen some shady stuff on people's phones and what you're experiencing isn't new--I have received the same emails. That's how they phish people. They get receivers of the email to contact them, then try to dispute the charge, unknowingly giving over private information to help "resolve" the issue. If your account has been compromised, they can see your app purchases. Purchases include free downloads. Here's what I'd suggest to check:
- Firstly, check the email address from the email. If it's non-Apple, dismiss it.
- Check the devices associated with your phone. Settings>Your Name(top). There, if you scroll down, you should see a list of your Apple Devices. If you do not recognize one. You may have someone signed in to your account.
- Check your "Family Sharing" tab. If you are a part of a family you shouldn't be, you may be compromised. (Settings>Your Name>Family Sharing)
- Check to see if there is a "Profile" on your phone. This is popular with business phones to monitor employees, but some people use this maliciously. (Settings>General ... scroll and look for something that may not belong).
- This one is tricky, make sure when you're connected to wifi, you're on a known secure network. Users often join networks to save their data, but I personally have known people to travel with a hotspot in populated areas to get people to connect to it. From there, they can find a way to mess with your device or information. Same goes with connecting to those free chargers in public spaces, like at airports -- be very wary.
Hope this helps someone
answered 2 hours ago
user201921user201921
211
New contributor
user201921 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Former Apple Inc. employee here. I have seen some shady stuff on people's phones and what you're experiencing isn't new--I have received the same emails. That's how they phish people. They get receivers of the email to contact them, then try to dispute the charge, unknowingly giving over private information to help "resolve" the issue. If your account has been compromised, they can see your app purchases. Purchases include free downloads. Here's what I'd suggest to check:
- Firstly, check the email address from the email. If it's non-Apple, dismiss it.
- Check the devices associated with your phone. Settings>Your Name(top). There, if you scroll down, you should see a list of your Apple Devices. If you do not recognize one. You may have someone signed in to your account.
- Check your "Family Sharing" tab. If you are a part of a family you shouldn't be, you may be compromised. (Settings>Your Name>Family Sharing)
- Check to see if there is a "Profile" on your phone. This is popular with business phones to monitor employees, but some people use this maliciously. (Settings>General ... scroll and look for something that may not belong).
- This one is tricky, make sure when you're connected to wifi, you're on a known secure network. Users often join networks to save their data, but I personally have known people to travel with a hotspot in populated areas to get people to connect to it. From there, they can find a way to mess with your device or information. Same goes with connecting to those free chargers in public spaces, like at airports -- be very wary.
Hope this helps someone
answered 2 hours ago
user201921user201921
211
New contributor
user201921 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Former Apple Inc. employee here. I have seen some shady stuff on people's phones and what you're experiencing isn't new--I have received the same emails. That's how they phish people. They get receivers of the email to contact them, then try to dispute the charge, unknowingly giving over private information to help "resolve" the issue. If your account has been compromised, they can see your app purchases. Purchases include free downloads. Here's what I'd suggest to check:
- Firstly, check the email address from the email. If it's non-Apple, dismiss it.
- Check the devices associated with your phone. Settings>Your Name(top). There, if you scroll down, you should see a list of your Apple Devices. If you do not recognize one. You may have someone signed in to your account.
- Check your "Family Sharing" tab. If you are a part of a family you shouldn't be, you may be compromised. (Settings>Your Name>Family Sharing)
- Check to see if there is a "Profile" on your phone. This is popular with business phones to monitor employees, but some people use this maliciously. (Settings>General ... scroll and look for something that may not belong).
- This one is tricky, make sure when you're connected to wifi, you're on a known secure network. Users often join networks to save their data, but I personally have known people to travel with a hotspot in populated areas to get people to connect to it. From there, they can find a way to mess with your device or information. Same goes with connecting to those free chargers in public spaces, like at airports -- be very wary.
Hope this helps someone
answered 2 hours ago
user201921user201921
211
New contributor
user201921 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 2 hours ago
user201921user201921
211
New contributor
user201921 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 2 hours ago
user201921user201921
211
answered 2 hours ago
user201921user201921
211
211
New contributor
user201921 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
user201921 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
user201921 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
If there is no actual email header even to special email clients that can show invisible email header info...then you need to suspect that it did not arrive by email. No header is like letter without address, won't get delivered.
This can happen at the email server if server is running a bad app or otherwise got intrusion. If its Apple mail or other really big and professional provider, I would not expect this. But college email servers and other lower level or private providers might occasionally have issues.
* Its possible for another "bad" app on your phone to inject stuff into your email queue if you are not using webmail. * I would not expect this if all your apps are through Apple Store/iTunes.
But if you jail broke your iPhone to add any unapproved apps...
now is the time to re-evaluate them. Even if they appear to deliver the promised functions (game?/game hack), they may also do something else as well.
answered 2 hours ago
NotSoSimpleNotSoSimple
11
New contributor
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
If there is no actual email header even to special email clients that can show invisible email header info...then you need to suspect that it did not arrive by email. No header is like letter without address, won't get delivered.
This can happen at the email server if server is running a bad app or otherwise got intrusion. If its Apple mail or other really big and professional provider, I would not expect this. But college email servers and other lower level or private providers might occasionally have issues.
* Its possible for another "bad" app on your phone to inject stuff into your email queue if you are not using webmail. * I would not expect this if all your apps are through Apple Store/iTunes.
But if you jail broke your iPhone to add any unapproved apps...
now is the time to re-evaluate them. Even if they appear to deliver the promised functions (game?/game hack), they may also do something else as well.
answered 2 hours ago
NotSoSimpleNotSoSimple
11
New contributor
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
If there is no actual email header even to special email clients that can show invisible email header info...then you need to suspect that it did not arrive by email. No header is like letter without address, won't get delivered.
This can happen at the email server if server is running a bad app or otherwise got intrusion. If its Apple mail or other really big and professional provider, I would not expect this. But college email servers and other lower level or private providers might occasionally have issues.
* Its possible for another "bad" app on your phone to inject stuff into your email queue if you are not using webmail. * I would not expect this if all your apps are through Apple Store/iTunes.
But if you jail broke your iPhone to add any unapproved apps...
now is the time to re-evaluate them. Even if they appear to deliver the promised functions (game?/game hack), they may also do something else as well.
answered 2 hours ago
NotSoSimpleNotSoSimple
11
New contributor
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
If there is no actual email header even to special email clients that can show invisible email header info...then you need to suspect that it did not arrive by email. No header is like letter without address, won't get delivered.
This can happen at the email server if server is running a bad app or otherwise got intrusion. If its Apple mail or other really big and professional provider, I would not expect this. But college email servers and other lower level or private providers might occasionally have issues.
* Its possible for another "bad" app on your phone to inject stuff into your email queue if you are not using webmail. * I would not expect this if all your apps are through Apple Store/iTunes.
But if you jail broke your iPhone to add any unapproved apps...
now is the time to re-evaluate them. Even if they appear to deliver the promised functions (game?/game hack), they may also do something else as well.
answered 2 hours ago
NotSoSimpleNotSoSimple
11
New contributor
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 2 hours ago
NotSoSimpleNotSoSimple
11
New contributor
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 2 hours ago
NotSoSimpleNotSoSimple
11
answered 2 hours ago
NotSoSimpleNotSoSimple
11
11
New contributor
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
Answer void in light of updated info in question.
Sounds like a valid invoice for an in-app purchase. Invoice in this case just means receipt - not that you need make additional payment action. So just Apple notifying you its processing the payment and that the source was from (within) Pokemon Go.
But info for scammers is readily available. Its all part of the marketing frenzy that has been building since the mid-1990s. Lots of websites and businesses trade marketing data to help sell products. Lots bad security on those databases or legitimate sales with too few questions asked.
Read those OS and application EULAs. Getting marketing data about your interests to vendors who might sell similar or connected products is an intrinsic part of commercial OS and apps -- and even ISO standards. Cookies are just one avenue for direct query of your phone/computer. Almost 20 years ago I was surprised as a neophyte web administrator that Microsoft websites automatically harvested the default email address of every website user. A legitimate HTTP query from server which even compliant open source software must have the ability to honor (but can default responding to be off).
To be honest, I would not be surprised if most web browers cough up matching app info to the right webserver queries. Apple/iTunes is a LOT better about privacy from vendors than Android/PlayStore but not immune I bet. iTunes itself may let registered vendors indirectly send messages to app owners based on specified criteria...for a fee. I would expect Apple policy is to review such messages first but everyone has bad or rushed days. I do not know actual details though since I am not a registered vendor.
edited 2 hours ago
schroeder♦
77.5k30171207
answered 3 hours ago
NotSoSimpleNotSoSimple
11
New contributor
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
So go through all the options about privacy on your ITunes account as well as iOS and each browser and app. App notices is a new buzzword to ways vendors can intrude into privacy.
– NotSoSimple
3 hours ago
Hey, I added lines that build up to my suspicion. This is almost definitly not from apple / iTunes
– Peter
3 hours ago
Right email client can see actual header. Suppressing visible email header is not as suspicious as you might think. Some big companies do it to keep people from replying to unmonitored email address.
– NotSoSimple
3 hours ago
But Yeah big alert if more than one typo & attaching PDF without comment especially when size says it could have been inline.
– NotSoSimple
3 hours ago
add a comment |
Answer void in light of updated info in question.
Sounds like a valid invoice for an in-app purchase. Invoice in this case just means receipt - not that you need make additional payment action. So just Apple notifying you its processing the payment and that the source was from (within) Pokemon Go.
But info for scammers is readily available. Its all part of the marketing frenzy that has been building since the mid-1990s. Lots of websites and businesses trade marketing data to help sell products. Lots bad security on those databases or legitimate sales with too few questions asked.
Read those OS and application EULAs. Getting marketing data about your interests to vendors who might sell similar or connected products is an intrinsic part of commercial OS and apps -- and even ISO standards. Cookies are just one avenue for direct query of your phone/computer. Almost 20 years ago I was surprised as a neophyte web administrator that Microsoft websites automatically harvested the default email address of every website user. A legitimate HTTP query from server which even compliant open source software must have the ability to honor (but can default responding to be off).
To be honest, I would not be surprised if most web browers cough up matching app info to the right webserver queries. Apple/iTunes is a LOT better about privacy from vendors than Android/PlayStore but not immune I bet. iTunes itself may let registered vendors indirectly send messages to app owners based on specified criteria...for a fee. I would expect Apple policy is to review such messages first but everyone has bad or rushed days. I do not know actual details though since I am not a registered vendor.
edited 2 hours ago
schroeder♦
77.5k30171207
answered 3 hours ago
NotSoSimpleNotSoSimple
11
New contributor
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
So go through all the options about privacy on your ITunes account as well as iOS and each browser and app. App notices is a new buzzword to ways vendors can intrude into privacy.
– NotSoSimple
3 hours ago
Hey, I added lines that build up to my suspicion. This is almost definitly not from apple / iTunes
– Peter
3 hours ago
Right email client can see actual header. Suppressing visible email header is not as suspicious as you might think. Some big companies do it to keep people from replying to unmonitored email address.
– NotSoSimple
3 hours ago
But Yeah big alert if more than one typo & attaching PDF without comment especially when size says it could have been inline.
– NotSoSimple
3 hours ago
add a comment |
Answer void in light of updated info in question.
Sounds like a valid invoice for an in-app purchase. Invoice in this case just means receipt - not that you need make additional payment action. So just Apple notifying you its processing the payment and that the source was from (within) Pokemon Go.
But info for scammers is readily available. Its all part of the marketing frenzy that has been building since the mid-1990s. Lots of websites and businesses trade marketing data to help sell products. Lots bad security on those databases or legitimate sales with too few questions asked.
Read those OS and application EULAs. Getting marketing data about your interests to vendors who might sell similar or connected products is an intrinsic part of commercial OS and apps -- and even ISO standards. Cookies are just one avenue for direct query of your phone/computer. Almost 20 years ago I was surprised as a neophyte web administrator that Microsoft websites automatically harvested the default email address of every website user. A legitimate HTTP query from server which even compliant open source software must have the ability to honor (but can default responding to be off).
To be honest, I would not be surprised if most web browers cough up matching app info to the right webserver queries. Apple/iTunes is a LOT better about privacy from vendors than Android/PlayStore but not immune I bet. iTunes itself may let registered vendors indirectly send messages to app owners based on specified criteria...for a fee. I would expect Apple policy is to review such messages first but everyone has bad or rushed days. I do not know actual details though since I am not a registered vendor.
edited 2 hours ago
schroeder♦
77.5k30171207
answered 3 hours ago
NotSoSimpleNotSoSimple
11
New contributor
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Answer void in light of updated info in question.
Sounds like a valid invoice for an in-app purchase. Invoice in this case just means receipt - not that you need make additional payment action. So just Apple notifying you its processing the payment and that the source was from (within) Pokemon Go.
But info for scammers is readily available. Its all part of the marketing frenzy that has been building since the mid-1990s. Lots of websites and businesses trade marketing data to help sell products. Lots bad security on those databases or legitimate sales with too few questions asked.
Read those OS and application EULAs. Getting marketing data about your interests to vendors who might sell similar or connected products is an intrinsic part of commercial OS and apps -- and even ISO standards. Cookies are just one avenue for direct query of your phone/computer. Almost 20 years ago I was surprised as a neophyte web administrator that Microsoft websites automatically harvested the default email address of every website user. A legitimate HTTP query from server which even compliant open source software must have the ability to honor (but can default responding to be off).
To be honest, I would not be surprised if most web browers cough up matching app info to the right webserver queries. Apple/iTunes is a LOT better about privacy from vendors than Android/PlayStore but not immune I bet. iTunes itself may let registered vendors indirectly send messages to app owners based on specified criteria...for a fee. I would expect Apple policy is to review such messages first but everyone has bad or rushed days. I do not know actual details though since I am not a registered vendor.
edited 2 hours ago
schroeder♦
77.5k30171207
answered 3 hours ago
NotSoSimpleNotSoSimple
11
New contributor
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 2 hours ago
schroeder♦
77.5k30171207
edited 2 hours ago
schroeder♦
77.5k30171207
edited 2 hours ago
schroeder♦
77.5k30171207
77.5k30171207
answered 3 hours ago
NotSoSimpleNotSoSimple
11
New contributor
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 3 hours ago
NotSoSimpleNotSoSimple
11
answered 3 hours ago
NotSoSimpleNotSoSimple
11
11
New contributor
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
NotSoSimple is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
So go through all the options about privacy on your ITunes account as well as iOS and each browser and app. App notices is a new buzzword to ways vendors can intrude into privacy.
– NotSoSimple
3 hours ago
Hey, I added lines that build up to my suspicion. This is almost definitly not from apple / iTunes
– Peter
3 hours ago
Right email client can see actual header. Suppressing visible email header is not as suspicious as you might think. Some big companies do it to keep people from replying to unmonitored email address.
– NotSoSimple
3 hours ago
But Yeah big alert if more than one typo & attaching PDF without comment especially when size says it could have been inline.
– NotSoSimple
3 hours ago
add a comment |
So go through all the options about privacy on your ITunes account as well as iOS and each browser and app. App notices is a new buzzword to ways vendors can intrude into privacy.
– NotSoSimple
3 hours ago
Hey, I added lines that build up to my suspicion. This is almost definitly not from apple / iTunes
– Peter
3 hours ago
Right email client can see actual header. Suppressing visible email header is not as suspicious as you might think. Some big companies do it to keep people from replying to unmonitored email address.
– NotSoSimple
3 hours ago
But Yeah big alert if more than one typo & attaching PDF without comment especially when size says it could have been inline.
– NotSoSimple
3 hours ago
So go through all the options about privacy on your ITunes account as well as iOS and each browser and app. App notices is a new buzzword to ways vendors can intrude into privacy.
– NotSoSimple
3 hours ago
So go through all the options about privacy on your ITunes account as well as iOS and each browser and app. App notices is a new buzzword to ways vendors can intrude into privacy.
– NotSoSimple
3 hours ago
Hey, I added lines that build up to my suspicion. This is almost definitly not from apple / iTunes
– Peter
3 hours ago
Hey, I added lines that build up to my suspicion. This is almost definitly not from apple / iTunes
– Peter
3 hours ago
Right email client can see actual header. Suppressing visible email header is not as suspicious as you might think. Some big companies do it to keep people from replying to unmonitored email address.
– NotSoSimple
3 hours ago
Right email client can see actual header. Suppressing visible email header is not as suspicious as you might think. Some big companies do it to keep people from replying to unmonitored email address.
– NotSoSimple
3 hours ago
But Yeah big alert if more than one typo & attaching PDF without comment especially when size says it could have been inline.
– NotSoSimple
3 hours ago
But Yeah big alert if more than one typo & attaching PDF without comment especially when size says it could have been inline.
– NotSoSimple
3 hours ago
add a comment |
Peter is a new contributor. Be nice, and check out our Code of Conduct.
Peter is a new contributor. Be nice, and check out our Code of Conduct.
Peter is a new contributor. Be nice, and check out our Code of Conduct.
Peter is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Information Security Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f205340%2fhow-could-a-scammer-know-the-apps-on-my-phone-itunes-account%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
"Many people have the app installed and some people that actually have it open the pdf without hestitation" what do you mean by this? Is there a .pdf attached to the email? Im quite confused where "the pdf" is coming from
– Flying Thunder
5 hours ago
Why is this obviously a scam? It's been a while since I bought something from the app store but isn't this typically what happens after a purchase? You get an email confirmation. What exactly about this makes you think it's a scam?
– JimmyJames
5 hours ago
6
If you have pokemon go, it catches your interest because it seems more legitimate. If you don't have that app, it catches your interested because, who just bought that on my account?! Either way they have had an effect on you.
– JPhi1618
4 hours ago