fbpx
Business

A new wave of Apple phishing attacks is targeting users

Scammers are bombarding users with password reset notifications

KrebsOnSecuritya security news and investigation website by Brian Krebs, has highlighted a concerning trend concerning phishing attacks on Apple accounts.

The emerging phishing attacks combine several multi-factor authentication messages, paired with social engineering tactics to take over user accounts.

Parth Patel, an X user, shared his experience of being targeted by the scheme, which affected all of his Apple devices, including his phone, watch and laptop (via MacRumors)

All of his devices were bombarded with Reset Password notifications, and he had to deny over 100 of them to regain control of his devices. For reference, when a reset password notification pops up, you have the option to either allow or deny. Unless one action is performed, the device essentially remains bricked.

Following the notification barrage, victims receive calls from spoofed numbers posing as Apple support. Knowing very well that the potential victim is concerned about the barrage of password reset notifications, the scammers tell the victim that their account might be compromised, and seek to extract the one-time password reset code to ‘fix’ the issue.

The sophisticated attackers obtain user names, phone numbers, and Apple IDs via data leaks. “They got a lot right, from DOB, to email, to phone number, to current address, historic addresses,” said Patel. However, the fraudsters thought Patel’s name was Anthony S., and he caught on because he had queried himself in the past on several data leaks. Additionally, the fact that Apple’s one-time password message explicitly states not to share the code with anyone confirmed Patel’s belief.

If you’re being targeted by a similar attack, do not provide any information to callers identifying as Apple. Instead, reach out to Apple support yourself and explain the situation.

Header image credit: Shutterstock

Source:@parth220_, KrebsOnSecurity Via: MacRumors

Related Articles

Comments