There is a common misconception that Apple products have better security than Android.
No matter which side of the argument you’re on, don’t let that thought put you on guard.
There’s a new scam out there targeting iPhone users that could permanently lock you out if you’re not prepared.
Fraudulent articles about iPhone (Kurt “Cyber Guy” Knutson)
What is the “Push Bombing/MFA Fatigue” Scam?
If you suddenly see a “reset password” notification on your iPhone screen, and only see the options “Allow” or “Don’t allow,” you may be a victim of this latest “push bomb” scam. Scammers are believed to have found a way to exploit this new Apple bug. However, it’s not entirely clear if a bug is the cause.
CLICK HERE TO GET FOX BUSINESS ON THE GO
look at this notification[許可しない]Clicking (of course) just causes more of these notifications to pop up. This is similar to the annoying pop-up window attacks that were common in the past. If you desperately click “Don’t allow” over and over again, your finger may slip and click “Allow” by mistake.
Clicking “Allow” will give the scammer access to your iPhone account and could permanently lock you out of your phone.
iPhone “password reset” notification scam (Krebs on Security)
More information: How to update your iPhone passcode
Warning if you’re in the Apple ecosystem
This scam isn’t limited to your iPhone. If you are an avid user of the Apple ecosystem, it is important to note that users have reported encountering this scam on other of his Apple devices, including the Apple Watch.
Not only this, but one user reported that after he clicked “Don’t Allow” multiple times and the notification finally disappeared, the scammer actually called the user’s iPhone again and tried to get him. Did. Apple Support usually doesn’t call you out of the blue.
“Password reset” notification scam on Apple Watch (Krebs on Security)
More information: How to protect your iPhone calendar from annoying spam invites
Apple’s response to “password reset” notification scam
A company spokesperson said: “We are aware of reports that a small number of iPhone users are receiving a large number of alerts asking if they are attempting to reset their passwords and are taking steps to address the reported issues.” said.
How to outwit this scam and protect yourself
If you were the target of this attack, these password reset notifications[許可]The most important thing is not to tap . If you fire them one after another, they will disappear, although it will take some time.
If you give up and click “Allow,” the hacker behind this campaign will have full control over your Apple account. So whatever you do, don’t click “Allow”. If you need help, you can always contact Apple. Log on here.
Mac and iPhone on the table
Read more: 8 ways to lock private stuff on your iPhone
What should I do if the prompt keeps appearing?
If you keep seeing the prompt, temporarily change the phone number associated with your Apple ID. Please note that this may affect iMessage and FaceTime functionality.
Beware of scammers posing as Apple Support
If you manage to remove your notifications and then receive a call from someone claiming to be from Apple Support, it could be a scammer. Please hang up. Whatever you do, don’t give them any information. If you provide personal information, such as your social security number, Follow the steps in IdentityTheft.gov. You can make a report there, and the website will help you develop a recovery plan and walk you through each step to regain your identity. You can also call Apple directly at 800-275-2273 (US) to verify your communications.
AI worm exposes security flaws in AI tools like CHATGPT
Report a fraudulent call
Scam calls can be reported to the Federal Trade Commission. fraudreport.ftc.gov or contact local law enforcement.
Is enabling an “Apple Recovery Key” the solution?
according to Regarding Mr. Krebs’ security, Actual Apple Support suggests enabling an Apple Recovery Key to avoid notifications, but one victim tried that and it didn’t stop her.
stay tuned Apple support page For updates.
Protect your Apple account
It’s no secret that you need a phone number when setting up an Apple account. However, once your account is established, this phone number does not necessarily have to be your mobile phone number. Apple accepts his VOIP number (like this one): google voice) as a valid alternative. Therefore, one possible mitigation strategy is to change the phone number on the account to her lesser-known VOIP number.
Important note: Note that if you choose a VOIP number, Apple’s iMessage and FaceTime applications will be disabled on that device unless you also include your real mobile phone number.
Additionally, Apple’s password reset system email alias. Adding a “+” character after the username portion of an email address and adding site-specific notation (for example, cyberguy+example@use.startmail.com) will create unique email addresses associated with the same address. You can create an unlimited number of them. account. This technology makes it easy to organize and track incoming emails.
Hint: When choosing aliasconsider using something more discreet than “+apple” for added security and privacy.
Cart important points
Security is a never-ending game of cat and mouse, and no device is truly invincible. Apple is working on this issue, but it’s important to remain vigilant until a fix is completed. If you see a lot of “reset password” prompts, stay calm, resist clicking “Allow” at all costs, and patiently ignore each notification. Also, stay updated on Apple’s progress toward a permanent solution. By following these steps, you can beat this scam and keep the Apple ecosystem safe.
CLICK HERE TO GET THE FOX NEWS APP
Do you think companies like Apple should be more responsible for security vulnerabilities? Why or why not? Please let us know by email. Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report newsletter using the link below. Cyberguy.com/Newsletter
Ask your cart a question or let us know your story you’d like us to feature
Answers to CyberGuy frequently asked questions:
Copyright 2024 CyberGuy.com. All rights reserved.
