iPhone password reset attacks: What is this new scam and how to stay safe | How-to

iPhone password reset attacks: What is this new scam and how to stay safe

Attackers exploit Apple's password reset system to inundate users with deceptive prompts, aiming to compromise their Apple ID accounts.

| Updated on: Apr 22 2024, 15:38 IST
 iPhone password reset attacks: What is this new scam and how to stay safe
Protecting your Apple ID: How to defend against password reset attacks (support.apple.com)

With the rise of cyber threats, iPhone users are facing a new challenge: password reset attacks, also known as "MFA bombing." This scam inundated Apple devices with multiple password reset prompts, aiming to deceive users into compromising their accounts. Here's how to protect yourself against these attacks.

Understanding the Attack

The MFA bombing attack leverages Apple's password reset system, bombarding victims with legitimate-looking iOS prompts to reset their Apple ID passwords. Attackers use the victim's phone number to flood their devices with these prompts, often reaching over 100 alerts, reported 9to5mac.

Also read: Apple now has a new problem with store pickup for online orders- All details about the scam that costs over $400,000

Also read
Looking for a smartphone? To check mobile finder click here.

Stay Informed: Updates on the Attack

Apple addressed this vulnerability with a fix at the end of March, reducing the number of reported cases. However some users have still encountered these password reset prompts as recently as April 21, 2024.

Protective Measures: What You Can Do

1. Decline System Alerts: When prompted with a password reset request, always choose "Don't Allow." Attackers may bombard you with multiple prompts, but consistently declining them is crucial.

Also read: iPhone 16 may get on-device LLM support for generative AI: Know all details about what Apple is planning with iOS 18

2. Beware of Phone Scams: Avoid answering calls, even if they appear to be from "Apple Support." Attackers use call spoofing to mimic official Apple numbers, attempting to extract personal information or one-time passcodes. If in doubt, decline the call and contact Apple directly at 800.275.2273.

3. Secure Your Apple ID: If you're continuously receiving prompts, consider changing the phone number linked to your Apple ID. While this can stop the attack, be aware that it may affect iMessage and FaceTime functionalities.

Stay Vigilant and Safe

Password reset attacks are becoming increasingly sophisticated, but with awareness and proactive measures, you can safeguard your Apple account and personal information. Always stay vigilant, decline suspicious requests, and verify any unexpected communication directly with Apple.

By following these simple steps, you can better protect yourself against MFA bombing and other cyber threats targeting Apple users.

One more thing! We are now on WhatsApp Channels! Follow us there so you never miss any updates from the world of technology. ‎To follow the HT Tech channel on WhatsApp, click here to join now!

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 22 Apr, 15:37 IST