Skip to main content

Use Apple Pay or Google Pay? Here's the digital wallet scam

Around 227 million people use Apple Pay, with 100 million using Google Pay. These applications have made purchasing things online or in person faster and easier, with nearly half of all e-commerce transactions worldwide using digital wallets. With so many purchases using Apple Pay and Google Pay, it’s no surprise that hackers are attempting to take advantage. We’ve taken a look at the digital wallet scam, and how you can keep yourself (and your card details) safe.

What is the digital wallet scam?

The digital wallet scam isn’t the most elaborate or sophisticated scam that we’ve seen; although there are a couple of different versions of this scam depending on whether you’re using Apple Pay, or another digital wallet service like Google Pay.

If you’re using Apple Pay, this scam starts with a text message, informing you that the card that you are using for Apple Pay needs to be re-registered. Clicking the link in the text message takes you to a page to input a ton of personal information, including your full name, address, email address, and date of birth. Then you'll be asked to put in their card details - all of your card details. That includes the sort code, account number, card number, expiry date and the three digit security code on the back.

If you’re using Google Pay or another digital wallet provider, this scam starts with a phone call from the phisher, pretending to be someone from your bank. This individual will inform you of some suspicious activity on your account, and for ''security purposes'' tell you to add your card to an application called ‘Wallet Pay’. You'll then receive a text message to register for this service, and all of your personal information is requested as well as your card details. 

How do you know this is a scam?

The digital wallet scam is interesting; although the objective for both Apple Pay users and other digital wallet users is the same, phishers are attempting this in a couple of different ways. As such, there are different ways to check whether this text, or this phone call, is a scam.

Apple Pay user?

If you’re an Apple Pay user, the easiest way to check the validity of the claim made in the text is by trying to make a purchase with the card in question. If you don’t want to make a purchase, you can even head to your digital wallet and remove the card and re-adding it within your digital wallet.

To add a card to Apple Pay, you simply go to the Wallet application, and tap to add a card. If the card issuer supports Apple Pay, you’re using the latest version of iOS, and you’re in a supported country, it should be possible to add a card.There is no need to click the link in the text message at all.

If you are convinced by the text message, warning alarms should sound as soon as you see the amount of information that is being requested. Apple Pay does not request this personal information when adding a card, and it also doesn’t require you to add the sort code or account number of your card.

Google Pay user?

If you’re a Google Pay user, or you use another digital wallet service, you might receive the phone call for this scam. If you do receive a call informing you of suspicious activity on your account, this should be a red flag. Although some banks do contact you to inform you of some suspicious activity, this is often a tactic used by phishers. To check whether this claim is true, end the call and contact your bank yourself. 

Never use a phone number given to you by the cold caller; instead look the number up online and ensure that you contact the bank using the number listed on their official website. If you’re calling from a landline, wait a couple of minutes before calling your bank to ensure that the cold caller has disconnected. Do not download the application that a cold caller has asked you to; instead, contact your bank. 

Remember, banks should never ask you for personal information like your PIN, passwords or the three digit security code on the back of the card. If they do, you could be talking to a phisher.

Tweet us @TranscenditUK


The Transcendit Way

Transcendit understand that when you choose to work with us, whether we're taking care of your IT, app or web development, you're trusting us with part of your business. So whether we're looking after your computers, phone systems or servers we always do things 'the Transcendit way'.

The whole of our team adhere to the same values, beliefs and policies - the principles that were written when Transcendit first formed in 2000. Whether you come to us for cloud services or recovery backup you can be confident that you'll always receive the same excellent service.

The Transcendit way outlines how we do business; following the same straightforward principles with every client and customer, regardless of how big or small they may be.

That means we get to know you and your business. We offer you a friendly, professional and efficient service, and we'll always be honest with you.
We understand that not everybody speaks fluent IT, so we try to explain things in a way that is simple and clear. We always spend as much time as is necessary explaining things to you.
If you need to talk to us about something, no matter how insignificant, we are only ever a phone call away – and we’re never too busy to make you a cup of tea and have a sit down with you in person.
We understand how frustrating it can be when things are late. When we schedule an appointment with you, we are there when you’re expecting us. If something prevents us from getting there, we always call you in advance to let you know.
Sometimes things can go wrong, but we never lie to you or try to cover something up. If things go askew we tell you what’s happened and how we plan to prevent it affecting your business.
We want you to continuously benefit from working with us. We regularly discuss your business and make suggestions for improving systems and processes wherever we can – but we never try to push you into a purchase.
When we quote a fixed price, that's always the amount we charge – you won’t find any nasty surprises on a bill from us. If you are paying by time and materials, we inform you if our approximations could change.
We understand the importance of privacy for your business and your customers. We respect the confidentiality of your data, and we will never pass on your information to third parties.
We appreciate it when you take the time to give us feedback. A system called CustomerSure records our client's responses, so you can trust that our reviews are from real people.
Find out what they're saying here.
SIRIUS use Transcendit for our IT needs. They are proactive, high quality, charge fairly and are a pleasure to work with. Shkun Chadda

Based on 12075 reviews our customers rate us 9.8/10. Reviews and ratings by Customersure. 09-October-2024

Transcendit are proud sponsors of CHUF, the Children's Heart Unit Fund.

Transcendit is a Microsoft Gold certified partner
VMWARE partner
Vipre partner
IPCortex partner
WithSecure partner
DELL partner
Barracuda partner
Veeam partner
N-Able partner