iPhone alert issued! Apple users being targeted by phishing attack with fake password change requests

In a concerning development, Apple users have become the latest targets of an advanced phishing attack. The attack leverages a potential bug in Apple’s password reset functionality, resulting in a barrage of notifications or multi-factor authentication (MFA) messages bombarding users’ devices.

iPhone alert issued

The attack involves tricking users into approving an Apple ID password change request. The attacker repeatedly prompts the target’s iPhone, Apple Watch, or Mac with system-level password change approval texts. The goal is to trick the user into unintentionally accepting the request or to keep pestering them with alerts until they click the accept button. The attacker obtains control of the Apple ID upon acceptance, therefore preventing the user from accessing their account as reported by KrebsOnSecurity.

Because the attack is persistent, all connected Apple devices cannot be used until each notice is ignored separately. Parth Patel revealed on Twitter how terrifying his experience was and how he had to delete more than 100 alerts to regain control of his gadgets.

Furthermore, attackers resort to phone calls posing as Apple representatives if the user resists clicking “Allow” on the password change notifications. During these calls, victims are forced into revealing the one-time password sent to their phone number, further compromising their security.

The attackers exploit information leaked from people’s search websites, gaining access to users’ names, addresses, and phone numbers. While the method seems sophisticated, it relies on having access to the email address and phone number associated with the Apple ID.

According to KrebsOnSecurity’s analysis, attackers bypass the intended functioning of the system by taking advantage of Apple’s forgotten Apple ID password page. Attackers can send users repeated messages despite the CAPTCHA function, most likely by taking advantage of a bug in Apple’s system.

Apple device owners are advised to be vigilant and refrain from approving suspicious password change requests. Additionally, as Apple does not make these requests over the phone, customers should be cautious of unwanted phone calls asking for one-time password reset codes.