Learn more about the password reset requests targeting iPhone users that could be exploited by hackers to steal data.
People often forget passwords and quickly decide to set a new one using the password recovery process provided by most tech platforms, including Apple. But iPhone users are being warned about a major security issue that hackers are using to attack the device. New reports this week talk about a new attack that uses the password recovery mechanism and floods the iPhone user with several messages of this nature, causing them to worry.
These people don’t have to worry about clicking these notifications, but when you see 100 of these pop-ups on your screen, your iPhone becomes unusable until you dismiss them all. Here, the attacker takes advantage of your worried state and disguises himself as a caller from Apple’s support team, which never happens.
But when the victim is already confused about the password reset problem, these callers scare them further by talking about possible attacks on their account. Once in this position, they end up accidentally sharing confidential information, such as a one-time password, with an attacker, making it easier for them to gain access to the device.
The report doesn’t explain how OTP would allow a hacker to bypass the device’s security, unless there’s a bug in the iPhone that Apple still hasn’t fixed that these bad actors can exploit. We hope that Apple will heed these concerns and provide a solution as soon as possible.
Be aware that Apple will never, ever ask for any OTP or code, and certainly not call your number to get this information. Either way, a password reset scam is clearly avoidable for most people as long as they follow basic digital security guidelines.
Do not share the OTP or any code with unknown callers, especially those who claim that your Apple account is under attack. You can easily bypass these attacks and be alert for callers who may have obtained your information from another platform that leaked your information.