No, This Apple Card Email Was Not a Phishing Attempt
Every time you get an email, allegedly from the company, but it asks you to click a link and confirm some of the information with which the company should already be familiar, you have every right to treat this with skepticism. In fact, you must be very skeptical; Common sense is your best first defense against phishing attempts.
If you’ve been one of those early access to Apple Card, you may have received a weird email from Apple asking you to verify your Apple ID before you can start applying. You’ve probably never received an email like this from Apple before, especially if the company sent it to the email address you used to sign up for Apple Card notifications.
The email says:
“You wanted to be one of the first to get the Apple Card, a new type of credit card created by Apple, not a bank. Good news, you have a chance to try Apple Card before anyone else to help us get ready for the public launch. Your Early Access invitation is pending, but we need your Apple ID to send it. The email address you provided does not match the Apple ID for signing in to iCloud. Just follow a few simple steps and we will send you an invitation. “
Next, it asks you to find the Apple ID you are using on your iPhone, and then enter that email address using the Notify Me button on the Apple Card website .
In this case, your skepticism, while justified, is unwarranted. This is actually a genuine email from Apple, even if you received it by mistake. If it goes to the primary email address you use for your Apple ID, then there is no reason why Apple should verify the email address you provided as you likely used that exact email address when signing up for Apple Card notifications. … However, you will have to click or tap the Notify Me button and re-enter your Apple ID if you want to begin the Apple Card enrollment process.
Be vigilant against phishing emails
Don’t let these little oversights on Apple’s part be lazy about future emails like this. When a company unexpectedly asks you to confirm information, it already has:
- Check the sender’s email address. Make sure it doesn’t come from some wacky subdomain (like apple.totallylegit.net) that might otherwise make it authentic at first sight.
- Try entering any of the URLs mentioned in the email into your browser rather than clicking on the hyperlink – in case the email tries to trick you into assuming you won’t notice the fake URL in the address bar after clicking the link.
- Always check the address bar when you click a link in an email. Ask yourself: Is this really the company or legitimate website you are trying to get to? Don’t be fooled by shortened URLs or bogus characters, such as when someone uses “I” or “1” instead of “l”.
- Don’t open attachments that you didn’t expect to receive.
- If in doubt, contact the company directly – either by email you send directly to customer service, online chat or by phone. They will be able to confirm whether the requests sent by email are legitimate or not.