Friday, 13 December 2024
29.8 C
Singapore

Beware of MFA bombing: A new phishing scam targeting Apple users

"MFA Bombing" phishing attack targeting Apple users and how to protect yourself from being locked out of your account.

In a concerning trend, numerous Apple enthusiasts have become the unsuspecting victims of a phishing scheme known as “MFA Bombing.” This cunning attack exploits a loophole in Apple’s password reset system, preying on the shared human traits of impatience and oversight.

How does the scam unfold?

Imagine your day is interrupted by a barrage of “Reset Password” notifications on your iPhone, urging you to “Use this iPhone to reset your Apple ID password.” For those caught in the crosshairs of this , such alerts have become a frustrating reality. Parth Patel recounted his ordeal on , detailing how he was bombarded with up to 100 of these notifications.

The attackers’ strategy hinges on weariness and error. They bombard you with notifications in the hope that, in a moment of frustration or distraction, you’ll mistakenly press “Allow” instead of “Don’t Allow.” Falling into this trap grants the scammer the power to reset your Apple ID password, effectively locking you out of your account and devices.

Should this initial ploy fail, the scammer might escalate their tactics by impersonating Apple Support in a phone call. The aim is to coax you into revealing a one-time password, which they can use to gain control over your Apple ID.

The email addresses and phone numbers linked to your Apple ID are all the scammers need to launch this attack. These details are used on Apple’s page for a forgotten Apple ID password, triggering the relentless notifications. The exact method by which these attackers manage to spam users with multiple alerts remains unclear, though it is suspected that a glitch in the system is being exploited.

Steps to take if you’re targeted

There is no definitive solution to this problem currently. If you receive persistent notifications, remain calm and methodically tap “Don’t Allow” on each one.

Moreover, should you receive an unsolicited call claiming to be from Apple Support, remember that Apple does not make outbound calls unless requested by the customer. Notably, Apple would never ask for your one-time password reset codes over the phone.

This ordeal underscores the importance of vigilance in the digital age. By staying informed and cautious, you can protect yourself from falling victim to such schemes.

Hot this week

AmiAmi launches on Shopee Singapore, bringing exclusive Japanese collectibles to fans

Japan’s top hobby retailer AmiAmi debuts on Shopee Singapore, offering exclusive collectibles and Japanese pop culture merchandise to fans.

Google expands Product Studio to more countries

Google Product Studio is now available in 15 new countries. It empowers businesses to create better visuals using AI tools for free.

PlayStation VR2 controllers may soon work with Apple’s Vision Pro

Apple and Sony collaborate to make PlayStation VR2 controllers compatible with the Vision Pro, enhancing gaming and functionality.

Lenovo unveils advanced AI solutions and innovative cooling technologies

Lenovo launches new AI solutions, including TruScale GPUaaS and advanced cooling, to help businesses build and scale private AI efficiently.

Google’s Willow Quantum Chip raises questions despite impressive claims

Google's Willow chip claims quantum progress with faster computations and error correction, but experts question its practicality and benchmarks.

Fortnite introduces Ballistic: A new first-person tactical shooter mode

Fortnite’s new Ballistic mode is live! Enjoy 5v5 tactical shooting with no builds, unique gadgets, and thrilling gameplay in this first-person update.

VisionOS 2.2 introduces Ultrawide Mac Virtual Display for Vision Pro

VisionOS 2.2 brings Ultrawide Mac Virtual Display to Vision Pro, offering incredible multitasking with 32:9 and 21:9 screen options.

Yamaha Corporation boosts innovation with Informatica’s AI-driven data management

Yamaha Corporation partners with Informatica to use AI-driven data management for innovation and enhanced customer engagement.

2024 set to be a pivotal year for AI, NetApp report reveals

NetApp's 2024 report unveils the critical year ahead for AI, highlighting the importance of data management, security, and sustainability in leveraging AI's potential.

Related Articles

Popular Categories