These days, many iPhone users are facing trouble due to password reset scams. Numerous users are receiving notifications prompting them to reset their passwords, and some are even receiving calls purportedly from Apple support. Falling for this trap could lead to significant losses for iPhone users.
If you use an iPhone, beware of a potential threat lurking on your device. For some time now, many iPhone users have been bombarded with notifications instructing them to reset their passwords. What’s alarming is that users are not receiving just one notification but multiple ones.
The attackers made a led high effort focused attack on me, using OSINT data from People Data Labs and caller ID spoofing.
First, around 6:36pm yesterday all of my Apple devices started blowing up with Reset Password notifications.
Because these are Apple system level alerts,… pic.twitter.com/vX1AZvoVoN
— Parth (@parth220_) March 23, 2024
These password reset notifications on iPhones are actually part of a scam orchestrated by cybercriminals. This type of scam is often referred to as Multi-Factor Authentication Bombing or MFA Bombing.
In this cyber attack, users are tricked into receiving notifications urging them to reset their Apple ID passwords. If a user inadvertently resets their password, scammers or cybercriminals can exploit this opportunity to steal personal data.
According to a report by KerbsonSecurity, individuals receiving such notifications may also receive calls from a number claiming to be Apple Support. During these calls, scammers provide users with their basic information, creating the illusion that the call is legitimate. This information is often obtained through social engineering tactics and basic online searches.
A user named Parth shared his experience on X, stating that he received over 100 password reset notifications on all his Apple devices. Despite selecting the “Don’t allow” option, he still received a call from scammers claiming to be from Apple Support.
The scammer possessed detailed information about Parth, including his email ID and phone number. However, they got Parth’s name wrong, arousing suspicion and leading him to suspect fraud.
It’s important to note that this isn’t the first time iPhone users have fallen victim to such scams. While the company hasn’t issued an official statement regarding this issue, the latest security patch from Apple has provided some relief.
Users are advised to install Apple’s latest security patch on their iPhones immediately if they haven’t already done so. Those who have installed the patch have reported a cessation of such notifications. This suggests that Apple may be aware of the issue and has addressed it in the latest patch.