Apple device users are being targeted by a new phishing hack that uses multi-factor authentication (MFA) bombing to steal their data. Several Apple users in recent days have reported a hacking attempt that appears to take advantage of Apple's password reset feature, KrebsOnSecurity reported, citing people who have been targeted. The scammers have used Apple's password reset tool to spam their targets with dozens, if not hundreds, of notifications asking the user to reset their Apple ID password.
Apple Device Users Targeted by New Phishing Hack Using Multi-Factor Authentication Bombing to Steal Data
Apple, California, USA United States of AmericaApple device users are being targeted by a new phishing hack that uses multi-factor authentication (MFA) bombing to steal their data.
Several Apple users in recent days have reported a hacking attempt that appears to take advantage of Apple's password reset feature.
Confidence
70%
Doubts
- It is unclear if the hackers have gained access to any sensitive information from the targeted users.
Sources
77%
Apple Users Are Getting Bombarded With ‘Reset Password’ Requests
Gizmodo Jody Serrano Wednesday, 27 March 2024 20:45Unique Points
- Apple users are being targeted by a phishing scam that aims to change their password and lock them out of their devices.
- The attackers have even called individuals and pretended to be Apple Support.
- In some cases, the scammers have received more than one hundred requests on X (formerly known as Twitter) from users who denied all the password reset requests they received.
- Parth Patel, a startup founder, reported receiving a call from someone claiming to be from Apple Support 15 minutes after he denied all the password reset requests he received.
- The number they called was Apple's official support number, which had been spoofed by bad actors who can trick caller ID into displaying a different name or phone number.
- Scammers are exploiting a bug in Apple's password reset feature.
- Apple declined to comment on the phishing attacks and directed Gizmodo to one of its support articles on recognizing phishing attacks.
Accuracy
- Scammers are exploiting a bug in Apple's password reset feature, though this is just a theory at this point.
Deception (90%)
The article is deceptive in several ways. Firstly, the author claims that Apple users are being targeted by a phishing scam to change their password and lock them out of their devices. However, this information has been widely reported on multiple news sites including Krebs on Security which was cited in the article itself.- The article states that 'Apple's Bigger-Screen 15-inch MacBook Air | Gizmodo Review' is a source for information. However, this statement is not true as there are no reviews of Apple's bigger screen MacBook Air on the website.
- The article states that 'Apple's official support number was spoofed by scammers'. This statement implies that Apple has an official support number which is false. The correct way to spell it is 'Apple Support'.
Fallacies (85%)
The article reports on a phishing scam targeting Apple users. The author provides examples of how the scammers are using system notifications to trick users into resetting their passwords and lock them out of their devices. They also mention that some users have received calls from individuals pretending to be Apple Support, which is another tactic used by phishers. Additionally, the article highlights a case where a user was able to identify the scam because they knew data about themselves had been compiled by People Data Labs and sold as part of their people search service.- The attack begins with system notifications asking users to reset their Apple ID password.
Bias (85%)
The article reports that Apple users are being targeted by a phishing scam aimed at changing their password and locking them out of their devices. The scammers have been sending system notifications asking the user to reset their Apple ID password, which cannot be denied until approved or denied each request. Even if users deny all the requests, they may still receive calls from people claiming to be from Apple Support with a spoofed phone number.- Apple's Bigger-Screen 15-inch MacBook Air | Gizmodo Review
- Parth Patel received a call from someone claiming to be from Apple Support after denying all the password reset requests he received. The number they called from was Apple's official support number, which he later confirmed was a spoof.
Site Conflicts Of Interest (50%)
None Found At Time Of Publication
Author Conflicts Of Interest (50%)
None Found At Time Of Publication
84%
New password reset attack targets Apple device users - what to do if it happens to you
ZDNet Thursday, 28 March 2024 01:33Unique Points
- Apple device owners are facing a new phishing hack that uses multi-factor authentication (MFA) bombing to steal their data.
- Several Apple users in recent days have reported a hacking attempt that appears to take advantage of Apple's password reset feature, KrebsOnSecurity reported, citing people who have been targeted. The scammers have used Apple's password reset tool to spam their targets with dozens, if not hundreds, of notifications asking the user to reset their Apple ID password.
- Phishing attacks have been used for decades to target unsuspecting victims. But in recent years, scammers have increasingly turned to phishing as a desirable way to steal passwords, delete data, and ultimately steal money from their victims.
Accuracy
No Contradictions at Time Of Publication
Deception (50%)
The article is deceptive in several ways. Firstly, the author claims that Apple device owners are facing a new phishing hack that uses multi-factor authentication (MFA) bombing to steal their data. However, this statement is not supported by any evidence presented in the article and appears to be an exaggeration for attention purposes.- Armed with that information, the scammers could simply reset the Apple ID password and get full access to the user's account.
- The scammers have used Apple's password reset tool to spam their targets with dozens, if not hundreds, of notifications
Fallacies (100%)
None Found At Time Of Publication
Bias (85%)
The article reports on a new phishing attack that targets Apple device users by exploiting the password reset feature. The author cites sources who have been targeted and explains how the scammers use multiple notifications to pressure victims into allowing the password reset or calling them for verification. The author also provides some statistics on mobile phishing attacks in general and mentions a possible solution (creating a recovery key) that may not be effective against this specific attack. The article does not present any assertions by the author, but rather quotes from sources who have been affected or contacted Apple support for help.- After those targeted by the scam chose to not allow their passwords to be reset, they received phone calls from the scammers claiming they were from Apple's support team
- Apple device owners are facing a new phishing hack
- Armed with that information, the scammers could simply reset the Apple ID password and get full access to the user's account.
- Pressing the "Allow" option gets the scammers one step closer to resetting the user's credentials because that device could then be used to create a new Apple ID password.
- Several Apple users in recent days have reported a hacking attempt that appears to take advantage of Apple's password reset feature, KrebsOnSecurity reported, citing people who have been targeted.
- Their goal was to send a password reset code to the user's device and have the user tell them the code.
- The scammers have used Apple's password reset tool to spam their targets with dozens, if not hundreds, of notifications
Site Conflicts Of Interest (100%)
None Found At Time Of Publication
Author Conflicts Of Interest (0%)
None Found At Time Of Publication
75%
Warning: Apple Users Targeted in Phishing Attack Involving Rapid Password Reset Requests
Nanoleaf Skylight Smarter Kit Juli Clover Tuesday, 26 March 2024 00:00Unique Points
- Phishing attacks targeting Apple users have become increasingly common
- Multiple Apple users have been targeted in an attack that bombards them with notifications or multi-factor authentication (MFA) messages to cause panic and prompt a response to social engineering
- An attacker is able to cause the target's iPhone, Apple Watch, or Mac to display system-level password change approval texts over and over again on all linked devices until dismissed one by one
- The actual popup cannot be used to gain access to an Apple device but serves as a front for attackers to incite fear in the target
Accuracy
No Contradictions at Time Of Publication
Deception (50%)
The article reports on a phishing attack that targets Apple users by bombarding them with notifications or multi-factor authentication (MFA) messages in an attempt to cause panic so they respond favorably to social engineering. The perpetrator is able to cause the target's iPhone, Apple Watch, or Mac to display system-level password change approval texts over and over again on all linked Apple products until the popups are dismissed one by one on each device. Following this flood of notifications, the attacker calls using a spoofed number that makes it appear to be coming from Apple. On these calls, the attacker confirms that the victim's account is under attack and requests sensitive information such as a one-time code to confirm a password reset or login attempt. The article also mentions an example of how this type of phishing attack can work in detail.- The perpetrator is able to cause the target's iPhone, Apple Watch, or Mac to display system-level password change approval texts over and over again on all linked Apple products until the popups are dismissed one by one on each device.
Fallacies (100%)
None Found At Time Of Publication
Bias (85%)
The article reports on a phishing attack that targets Apple users by bombarding them with notifications or multi-factor authentication (MFA) messages in an attempt to cause panic so they respond favorably to social engineering. The author provides examples of how the attack works and what information is being requested from victims, including their name, current address, past address, phone number, email address and password. They also mention that one-time codes are most often triggered as secondary security measures which allows the attacker to gain full access to the victim's Apple ID if they hand over the code at a certain point in time.- An attacker is able to cause the target's iPhone, Apple Watch, or Mac to display system-level password change approval texts over and over again. Because the password requests target the Apple ID, they pop up on all of a user's devices.
- Following the flood of notifications, the attacker calls using a spoofed number that makes it appear to be coming from Apple. On these calls, the attacker confirms that the victim's account is under attack, and that sensitive information is needed to put a stop to it.
- One-time codes are most often triggered as secondary security measures which allows the attacker to gain full access to the victim's Apple ID if they hand over the code at a certain point in time.
- The actual popup can’t be used to gain access to an Apple device
Site Conflicts Of Interest (50%)
None Found At Time Of Publication
Author Conflicts Of Interest (50%)
None Found At Time Of Publication
76%
“MFA Fatigue” attack targets iPhone owners with endless password reset prompts
Ars Technica Kevin Purdy Wednesday, 27 March 2024 18:10Unique Points
- Apple devices targeted by MFA prompt bombing
- Parth Patel received 100 notifications asking to reset his Apple password and a spoofed call from Apple support line
- Several Apple users in recent days have reported a hacking attempt that appears to take advantage of Apple's password reset feature, KrebsOnSecurity reported
Accuracy
- iCloud phishing attacks
- MFA Fatigue Attacks
Deception (80%)
The article is deceptive in that it presents a false sense of urgency by repeatedly prompting the user to reset their password. The author also implies that these attacks are successful when there is no evidence provided to support this claim.- Rapid-fire prompts sometimes followed with spoofed calls from 'Apple support'
- If the device owner is annoyed by the sudden sound or deluge of notifications (which essentially block access to other phone features) or just considers the prompt too quickly and has trained themselves to click 'Yes/No', they may accidentally let the bad folks in.
- iCloud phishing
- Having dismissed the alerts, Parth then received a call that was spoofed to appear as if it were coming from Apple's official support line.
- Enlarge / They look like normal notifications, but opening an iPhone with one or more of these stacked up, you won't be able to do much of anything until you tap 'Allow' or 'Don't Allow'.
Fallacies (85%)
The article discusses a type of phishing attack known as MFA Fatigue Attacks. The author explains how these attacks work by repeatedly hitting a potential victim's device with multifactor authentication requests, filling the screen with prompts that typically have yes/no options. This can lead to confusion and frustration for the user, causing them to accidentally click on the wrong option or dismiss too many alerts at once. The article also mentions examples of successful MFA Fatigue Attacks by both Fancy Bear advanced persistent threat group and a rag-tag bunch of teenagers known as Lapsus$. Additionally, it discusses how Apple's devices are just the latest rich target for this technique.- The article describes an example where Parth Patel received 100 notifications asking to use his device to reset his Apple password. Given the nature of the prompt, they can't be ignored or dismissed until acted upon, all but locking up the devices.
Bias (85%)
The article discusses a type of phishing attack called MFA Fatigue Attacks. The author describes how these attacks work and provides examples of successful attacks on individuals who were annoyed by the sudden sound or deluge of notifications. The article also mentions that FIDO-compliant MFA is immune to such attacks, which suggests a bias towards promoting this technology as a solution.- The author describes how these attacks work and provides examples of successful attacks on individuals who were annoyed by the sudden sound or deluge of notifications.
Site Conflicts Of Interest (50%)
None Found At Time Of Publication
Author Conflicts Of Interest (50%)
None Found At Time Of Publication