iTunes scam: How to protect yourself

The problem, it seems, is not with the iTunes software, but with users falling victim to simple scams

In recent weeks, more and more iTunes users have been reporting fraudulent activity on their Apple accounts, reporting hundreds or even thousands of dollars worth of bogus purchases. With the reports of this type of fraud on the uptick in recent weeks, many users have been quick to blame Apple or PayPal, as many of the affected iTunes accounts were linked to PayPal accounts.

Techworld: How to get free iTunes music

But the problem cannot be blamed on a software security flaw, nor can it be fixed with a quick patch. The problem, it seems, actually lies with iTunes users.

That's right: iTunes users are the app's big security flaw. Here's what you need to know in order to keep yourself and your iTunes account safe.

The Problem is in the Passwords

Hackers can make fraudulent purchases on iTunes accounts to which they have obtained the passwords. But these passwords were not obtained by breaking into Apple's servers; Apple sources tell CNET that "iTunes has not been compromised and the company is not aware of any sudden increase in fraudulent transactions."

Instead, it seems, hackers are obtaining passwords through good, old-fashioned phishing scams. iTunes users often don't know how their accounts were compromised, but it seems that many are simply handing out their user names and passwords without realizing it. Sometimes, they're doing so in hopes of getting a good deal -- by buying unauthorized iTunes gift codes online, for example.

The takeaway should be obvious, but it's worth repeating: Never reveal your iTunes user name and password to anyone except within iTunes itself.

You also should change your iTunes password regularly and choose a password that is secure.

Automatic Payments

Many users store their credit card or PayPal account information with their iTunes account, so they need to enter only a user name and password to make a purchase. Once that info is entered, the amount of your iTunes purchase is automatically charged to your credit card or PayPal account. If you don't check your billing statement regularly, hackers could rack up a good deal of iTunes charges before you even realize that your account has been compromised.

You have a couple of options to prevent this. One is to remove the credit card or PayPal account info that you have stored in iTunes. This means you'll have to enter it manually every time you want to make a purchase, which could become annoying. If you decide you want to keep the info stored in iTunes, you should be vigilant about checking your accounts. Check your account activity and balance regularly to make sure that there has been no unauthorized activity.

Available Remedies

What if there has been unauthorized activity? What should you do then? Apple recommends that all users contact their financial institution to discuss unauthorized charges. PayPal reportedly is reimbursing customers who've been hit with fraudulent activity on their accounts, and many credit card companies have standard policies in place to do the same.

Apple also suggests that users change their iTunes passwords immediately, which is easy enough if you still have access to your iTunes account. But some users have reported that the hackers have gone into their iTunes accounts and changed the passwords themselves -- leaving the actual account owner without access. In this case, you'll need to reset the password manually. To do this, you'll need your Apple ID and access to a linked e-mail account, or you'll have to answer the security questions that were provided when you created your Apple ID.

If you're thinking it would be easier to start over and simply cancel your account, well, that's not exactly the case. There is no link in iTunes that allows you to easily cancel your account; to do so, you'll have to contact Apple directly. And if you do decide to cancel your account, you could lose access to all of the content you've previously purchased from Apple's iTunes store.

Join the PC World newsletter!

Error: Please check your email address.

Tags online securityApplesecuritypaypalphishingiTunes

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Liane Cassavoy

PC World (US online)
Show Comments

Cool Tech

Crucial Ballistix Elite 32GB Kit (4 x 8GB) DDR4-3000 UDIMM

Learn more >

Gadgets & Things

Lexar® Professional 1000x microSDHC™/microSDXC™ UHS-II cards

Learn more >

Family Friendly

Lexar® JumpDrive® S57 USB 3.0 flash drive 

Learn more >

Stocking Stuffer

Plox Star Wars Death Star Levitating Bluetooth Speaker

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest News Articles


GGG Evaluation Team

Kathy Cassidy


First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni


For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell


The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi


The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott


My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?