Some Apple users are ポルノ映画 無修正 南米reportedly being targeted by a sophisticated attack, requesting them to hand over their Apple ID credentials over and over again.
According to KrebsonSecurity, the attack starts with unsuspecting Apple device owners getting dozens of system-level messages, prompting them to reset their Apple ID password. If that fails, a person pretending to be an Apple employee will call the victim and try to convince them into handing over their password.
SEE ALSO: Apple confirms dates for WWDC 2024This is exactly what happened to entrepreneur Parth Patel, who described their experience on Twitter/X. First, all of Patel's Apple devices, including their iPhone, Watch, and MacBook, started displaying the "Reset Password" notifications. After Patel clicked "Don't Allow" to more than one hundred requests, the fake Apple Support called, spoofing the caller ID of Apple's official Apple Support line. The fraudster Apple employee actually knew a lot of Patel's real data, including email, address, and phone number, but they got their name wrong, which had confirmed Patel's suspicions that they were under attack.
This Tweet is currently unavailable. It might be loading or has been removed.
While the attack was ultimately unsuccessful in this example, it's easy to imagine it working. The victim might accidentally allow the password reset (mistakes are easy to happen when you have to click on something hundreds of times), or they could fall for the fairly convincing, fake Apple Support call.
Patel's example isn't isolated, either; KrebsonSecurity has details on a very similar attack that happened to a crypto hedge fund owner identified by his first name, Chris, as well as a security researcher identified as Ken. In Chris' example, the attack persisted for several days, and also ended with a fake Apple Support call.
How did the attackers know all the data needed to perform the attack, and how did they manage to send system-level alerts to the victims' phones? According to KrebsonSecurity, the hackers likely had to get a hold of the victim's email address and phone number, associated with their Apple ID. Then they used an Apple ID password reset form, that requires an email or phone number, alongside a CAPTCHA, to send the system-level, password reset prompts. They also likely used a website called PeopleDataLabs to get information on both the victim and Apple employees they impersonated.
But there could also be a bug in Apple's systems, which should in theory be designed not to allow someone to abuse the password reset form and send dozens of requests in a short period of time (Apple did not respond to KrebsonSecurity's request for comment).
It appears that there's no easy or foolproof way to protect oneself from such an attack at this time, save from changing one's Apple ID credentials and tying them to a new number and email. It's hard to tell how widespread this attack is, but Apple users should be vigilant and triple-check the authenticity of any password reset request, even if it appears to come from Apple itself.
For on spammers and scammers, check out Mashable's series Scammed, where we help you navigate a connected world that’s out for your money, your information, or just your attention.
Topics Apple Cybersecurity
Mexc Ventures Launches Partnership With TON Foundation
Some Microsoft Edge users are blocked from using YouTube — here’s why
Why you should stream 'Moonlighting' right now
X CEO Yaccarino responds to Israel
NBX 2023 Berlin: The Forefront of WEB3 Innovation in Europe Returns
Prime Day 2023 luggage deals: Shop from top brands like Samsonite and SwissGear
Marked down from $499.99, the Dyson Corrale hair straightener is $299.99 for Prime Day.
Best Prime Day Kindle deal: $45 off Kindle Paperwhite
Sun Valley Obon This Weekend
200+ October Prime Day deals still live on Amazon: Apple AirPods, Nintendo Switch, and more
Foundation Launches to Pioneer the Future of Decentralized Crypto Trading
Walmart Deals Holiday Kickoff: 50+ deals still live after October Prime Day
How much of your relationship should you post on social media?
200+ October Prime Day deals still live on Amazon: Apple AirPods, Nintendo Switch, and more
Cosmoverse Comes to Istanbul as Interchain Innovation Continues to Grow
Best earbuds deal: Google Pixel Buds Pro are 30% off now at Amazon
EU warns Elon Musk: Fix Twitter/X's disinformation problem or face penalties
Prime Day monitor deals 2023: Shop Dell, Samsung, HP, and more
Guadalupe Obon Festival on Sunday at Veterans Center
Best home security deals on Prime Day
Intense videos show Hurricane Sally hit the Gulf Coast hardApple's Face ID is bad, as this police encounter makes painfully clear'Super Mario 3D AllRuth Bader Ginsburg's best pop culture momentsU.S. Customs brags about seizing 'counterfeit Apple AirPods.' Uh, those are OnePlus Buds.Apple unveils eighthApple iOS 14 bug resets default apps to Safari and Mail on rebootWe read 'Rage,' Bob Woodward's new Trump book, so you don't have toWhat apps like Snapchat, Uber, and Lyft are doing to get out the vote'The Golden Girls' 35th anniversary: How to celebrate Garmin's Fenix 6 sports watches come with a scary array of features How to help the communities affected by Hurricane Dorian Apple's 2020 iPhone might have an in Sony Xperia 5 is a longphone that maybe makes sense Watch hurricane hunters fly through Dorian’s stadium 'Tis the season for the delightfully interactive fall foliage map Dakota Fanning posts Instagram response to controversy around new movie What Google, Amazon, and Apple were doing 20 years ago Google Maps will be the built YouTube's $170 million fine isn't enough—and part of the FTC knows it
0.1429s , 9950.015625 kb
Copyright © 2025 Powered by 【ポルノ映画 無修正 南米】Apple users targeted by annoying 'Reset Password' attack,Global Hot Topic Analysis
