Apple Users Are Being Spammed with Password Reset Requests

Beware Apple users – a phishing scam is doing the rounds, targeting Apple devices. It’s being called as ‘MFA Bombing’ where unknown threat actors send you unsolicited system-level password reset requests, and loads of them.

The attack is not just limited to iPhones. Many users have reported that the constant pop-ups also prevented them from using their MacBook and Apple smartwatch until each and every one of them was manually deleted.

Patel said that he was bombarded with more than 100 requests and had to manually deny each of them to be able to access his device again. Then, 15 minutes later he got a call from the hackers pretending to be Apple’s support team. He was told that his account was under attack and that he needed to share an OTP with them to secure it again.

Good on Patel that he was immediately suspicious and asked the fake Apple staff to verify some of his details such as name, email, old emails, phone number, address, date of birth, etc. Surprisingly, the caller was able to get most of the answers right, except Parth’s name. When they addressed him as Anthony S, he knew something was off and disconnected the call.

In case Patel ended up sharing the OTP with the attackers, they would have logged him out of all his Apple devices and even wiped his data.

What’s interesting is this wasn’t a standalone instance. Several other users have had similar experiences. One of the targeted user said that he was awakened in the middle of the night by the sound of notifications and almost clicked on “Allow” in his sleepy state.

Apple is also in the eye of the storm of a landmark lawsuit brought against it by the DOJ for allegedly monopolizing the smartphone market.

Why Did the Attackers Send 100+ Reset Requests?

It’s easy to see how being bombarded with pop-ups left, right, and center might lead users to accidentally click Allow, or they might do it out of frustration in an attempt to prevent more pop-ups. Either way, if they give in, their device will be compromised.

These types of attacks are called multi-factor fatigue attacks and have been quite popular in the last few years—so much so that Microsoft (which is undergoing an attack by Russia-backed hackers) had to change the way its MFA codes worked just to avoid them.

However, Apple is unfortunately yet to take a step against it. In fact, Apple hasn’t yet commented on the issue at hand, either.