Scammers Are Targeting Apple Users To Steal Their Apple IDs

Scammers are trying to gain access to people’s Apple IDs by bombarding their iPhones with password reset requests and then hoping that they will accidentally allow one. And if they don’t, the second phase of the attack begins.

The scam, reported by KrebsOnSecurity, sees users receive hundreds of messages requesting that an Apple ID password reset be allowed.

If it is, the attacker can gain access to their account and lock them out by changing the password — and that could be all too easy to do accidentally as entrepreneur Parth Patel explained

“All of my devices started blowing up, my watch, laptop and phone,” Patel told KrebsOnSecurity. “It was like this system notification from Apple to approve [a reset of the account password], but I couldn’t do anything else with my phone. I had to go through and decline like 100-plus notifications.”

The report then explained that even if someone doesn’t fall for the first portion of the scam, they will then receive a call from someone claiming to be Apple Support.

“I pick up the phone and I’m super suspicious,” Patel recalled. “So I ask them if they can verify some information about me, and after hearing some aggressive typing on his end he gives me all this information about me and it’s totally accurate.”

In this instance, one piece of incorrect information gave the game away, but others might not be so lucky.

Another user received the same phone call and told the caller that they would ring back to confirm that they really were Apple. When the iPhone user called Apple Support it was confirmed that the call was a scam, while the support agent also noted that Apple will never call a user unless they have been asked to first.

Unfortunately, there doesn’t seem to be any way to prevent this from happening. If you receive an alert asking you to allow a password reset, be sure to choose the Do Not Allow option. If you then receive a call, hang up and call Apple to confirm as mentioned earlier to be sure that you’re dealing with the company and not a scammer.

You may also like to check out:

You can follow us on Twitter, or Instagram, and even like our Facebook page to keep yourself updated on all the latest from Microsoft, Google, Apple, and the Web.