Warning: Apple users are being targeted by phishing attack with fake password change requests for iPhone
Apple users are now being targeted by a sophisticated phishing attack, which exploits a possible flaw in Apple’s password reset feature. This has led to users receiving a high volume of notifications and multi-factor authentication (MFA) messages on their devices.
The attack involves tricking users into approving an Apple ID password change request. The attacker repeatedly triggers system-level prompts on the target’s iPhone, Apple Watch, or Mac asking them to approve a change to the account password. The goal is to get the user to accept the request by accident, or to wear them down with alerts until they tap the accept button. Once approved, the attacker takes control of the Apple ID and locks the legitimate user out of the account, as reported by KrebsOnSecurity.
Because the prompts keep coming, none of the connected Apple devices can be used until each notification has been dismissed. Parth Patel took to Twitter to describe how disruptive the experience was: he had to dismiss more than 100 alerts to regain control of his devices.
If the user refuses to tap “Allow” on the password change notifications, attackers fall back to phone calls impersonating Apple support. During these calls, victims are pressured into reading out a one-time code sent to their phone number, which completes the account takeover.
Attackers obtain the users’ names, addresses and phone numbers from data leaked by people-search sites. Although the method seems sophisticated, all it requires is the email address and phone number associated with the Apple ID.
According to KrebsOnSecurity’s analysis, attackers abuse Apple’s “forgot Apple ID password” page to push far more reset prompts than the system is meant to allow. The requests get through despite the page’s CAPTCHA, most likely because of a bug in Apple’s system.
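The pattern described above, hundreds of reset prompts for one account in minutes, is the kind of burst a service can both block and detect. The following is an added example written for this article; it is not Apple’s code and assumes nothing about Apple’s internals. It shows a server-side limiter that caps how many reset prompts one account can receive inside a time window (so a CAPTCHA bypass alone cannot generate a flood of alerts) and a detector that scans prompt logs for the burst. The log format, field names, account ids and IP addresses are all constructed for the example.

```python
"""
Sliding-window rate limiting and detection of password-reset prompt bombing.

Added example, not Apple's code. The log format and field names are
constructed for illustration.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Constructed log lines: timestamp, event type, account id, source IP.
# u-1001 receives six prompts in 14 seconds (the bombing pattern);
# u-2002 receives two prompts hours apart (normal behaviour).
SAMPLE_LOG = """\
2024-03-27T14:00:01Z reset_prompt_sent account=u-1001 src=203.0.113.7
2024-03-27T14:00:03Z reset_prompt_sent account=u-1001 src=203.0.113.7
2024-03-27T14:00:04Z reset_prompt_sent account=u-1001 src=203.0.113.7
2024-03-27T14:00:06Z reset_prompt_sent account=u-1001 src=203.0.113.7
2024-03-27T14:00:09Z reset_prompt_sent account=u-1001 src=203.0.113.7
2024-03-27T14:00:15Z reset_prompt_sent account=u-1001 src=203.0.113.7
2024-03-27T14:05:00Z reset_prompt_sent account=u-2002 src=198.51.100.4
2024-03-27T16:30:00Z reset_prompt_sent account=u-2002 src=198.51.100.4
"""


def parse_log(text):
    """Parse the constructed log into (timestamp, account, src) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts_str, event, *fields = line.split()
        if event != "reset_prompt_sent":
            continue
        kv = dict(f.split("=", 1) for f in fields)
        ts = datetime.strptime(ts_str, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        events.append((ts, kv["account"], kv["src"]))
    return events


class PromptRateLimiter:
    """Allow at most `limit` reset prompts per account within `window`.

    This is the control a reset endpoint should apply regardless of
    whether the CAPTCHA was solved: the budget is per target account,
    so the requester cannot widen it by changing IPs or sessions.
    """

    def __init__(self, limit=3, window=timedelta(minutes=15)):
        self.limit = limit
        self.window = window
        self._sent = defaultdict(deque)  # account -> timestamps of delivered prompts

    def allow(self, account, now):
        q = self._sent[account]
        # Forget prompts that have aged out of the window.
        while q and now - q[0] >= self.window:
            q.popleft()
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


def detect_prompt_bombing(events, threshold=5, window=timedelta(minutes=10)):
    """Return {account: peak_count} for accounts that received at least
    `threshold` prompts inside any `window`-long interval."""
    by_account = defaultdict(list)
    for ts, account, _src in events:
        by_account[account].append(ts)
    flagged = {}
    for account, stamps in by_account.items():
        stamps.sort()
        start, peak = 0, 0
        for end, ts in enumerate(stamps):
            # Advance the window start until it covers at most `window`.
            while ts - stamps[start] >= window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[account] = peak
    return flagged


def simulate_limiter(events, limiter=None):
    """Replay the events through the limiter and return how many prompts
    per account would actually have reached the user's devices."""
    limiter = limiter or PromptRateLimiter()
    delivered = defaultdict(int)
    for ts, account, _src in sorted(events):
        if limiter.allow(account, ts):
            delivered[account] += 1
    return dict(delivered)


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    print("flagged accounts:", detect_prompt_bombing(evs))
    print("prompts delivered with limiter:", simulate_limiter(evs))
```

With the defaults, the detector flags only u-1001, and the limiter would have let three of its six prompts through while leaving u-2002 untouched. The threshold and window are tuning knobs; a legitimate user rarely needs more than a handful of reset prompts in a quarter of an hour, so the limit can be strict without hurting them.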
Owners of Apple devices are advised to be vigilant and to refuse any password change request they did not initiate. Also, since Apple does not make these requests over the phone, customers should be wary of unsolicited calls asking for one-time password reset codes.