
hlthe2b

(102,276 posts)
Wed Mar 27, 2024, 04:29 PM

New password reset attack targets Apple device users - what to do if it happens to you (ZD-Net)

Please don't be a victim.... I tried to include the most important bits of the article, but best to read the full link

https://www.msn.com/en-us/money/other/new-password-reset-attack-targets-apple-device-users-what-to-do-if-it-happens-to-you/ar-BB1kE7xL?ocid=msedgdhp&pc=LSJS&cvid=7de468e2bbaf46ba95eecde51e45da20&ei=12

Apple device owners are facing a new phishing hack that uses "multi-factor authentication (MFA) bombing" to steal their data.

Several Apple users in recent days have reported a hacking attempt that appears to take advantage of Apple's password reset feature, KrebsOnSecurity reported, citing people who have been targeted. The scammers have used Apple's password reset tool to spam their targets with dozens, if not hundreds, of notifications, asking the user to reset their Apple ID password. Pressing the "Allow" option gets the scammers one step closer to resetting the user's credentials because that device could then be used to create a new Apple ID password. Unfortunately, tapping "Don't Allow" on all the notifications doesn't solve the problem.

After those targeted by the scam chose to not allow their passwords to be reset, they received phone calls from the scammers claiming they were from Apple's support team, according to the report. Their goal was to send a password reset code to the user's device and have the user tell them the code. Armed with that information, the scammers could simply reset the Apple ID password and get full access to the user's account.
--snip--

For now, if you're an Apple user, your only option is to stay in the know and remain vigilant. If you receive a slew of password reset requests that you didn't initiate, be sure to always choose the "Don't Allow" option on the notifications. Don't be tempted to choose "Allow" simply because the notifications aren't allowing you to use other apps or services on your device -- a core component in the fraudsters' plan. Even if you don't choose "Allow," be prepared for a call and be sure not to answer it.

Additionally, Apple has made it clear that the company does not call any of its users directly. So, if you receive a number from 1-800-275-2273 (Apple's actual support line that the scammers are spoofing to make their calls seem legitimate), don't pick up and definitely don't provide any information to the caller.
16 replies
New password reset attack targets Apple device users - what to do if it happens to you (ZD-Net) (Original Post) hlthe2b Mar 27 OP
Thank you! n/t Lulu KC Mar 27 #1
Thanks Auggie Mar 27 #2
Thanks for the info! 50 Shades Of Blue Mar 27 #3
many thanks for this... bahboo Mar 27 #4
Tom from Microsoft doesn't call any more to help us reset our computer. twodogsbarking Mar 27 #5
K & R SunSeeker Mar 27 #6
I don't answer any number I don't know. On my land line, yes I have a land line, I have the ringers turned off AllaN01Bear Mar 27 #7
I have a landline and I do the exact same things. Dem2theMax Mar 27 #13
Bookmarked. AllaN01Bear Mar 27 #8
If you get dozens to hundreds of notifications and phone call.. ToxMarz Mar 27 #9
Thank you StarryNite Mar 27 #10
As an aside, the phone companies can take multiple steps to alleviate the situation. Tetrachloride Mar 27 #11
It's interesting that last summer the FCC shut down a huge illegal call center in the US. AllaN01Bear Mar 27 #15
Kick sarchasm Mar 27 #12
I got one a few days ago on my Mac. Abigail_Adams Mar 27 #14
I've seen at least a half dozen technical sites emphasizing this as a big deal this AM, so Kicking for DUers hlthe2b Mar 28 #16

twodogsbarking

(9,749 posts)
5. Tom from Microsoft doesn't call any more to help us reset our computer.
Wed Mar 27, 2024, 05:35 PM

I told him he should get a real job. Maybe he did.

AllaN01Bear

(18,216 posts)
7. I don't answer any number I don't know. On my land line, yes I have a land line, I have the ringers turned off
Wed Mar 27, 2024, 05:52 PM

and in silent mode. On phone I am aware of many risks and am cautious of anything I get on there. When your caller ID shows your own name and phone number you know it's a scam. I even got one from the Catholic Archdiocese of San Joaquin and it was an out-of-country number.

Dem2theMax

(9,651 posts)
13. I have a landline and I do the exact same things.
Wed Mar 27, 2024, 07:07 PM

I live in fire country, and a landline is essential. Cell phone service is spotty at best.

I love being able to set the landline to silent mode, ringer off. Peace at last!

ToxMarz

(2,167 posts)
9. If you get dozens to hundreds of notifications and phone call..
Wed Mar 27, 2024, 06:16 PM

a phone call from 'Apple' no less. Seriously, that should be a huge clue something very wrong is going on. Google, Microsoft, IBM, Apple, they don't call you. They have no interest in talking to you. And if you have an iPhone, Apple doesn't need to call you to reach you, they control the device they would be calling you on.

AllaN01Bear

(18,216 posts)
15. It's interesting that last summer the FCC shut down a huge illegal call center in the US.
Wed Mar 27, 2024, 07:15 PM

Didn't take them long for them to come back up. And it is also interesting that a small group of YouTubers can shut them down. However, I understand that investigations take a long time.

Abigail_Adams

(303 posts)
14. I got one a few days ago on my Mac.
Wed Mar 27, 2024, 07:14 PM

It purported to be from Apple telling me my Apple ID was blocked "for security reasons." Since I was on iCloud at the time, I had my doubts. I did not click on the box to sign in. I hovered over the sender's name, and behind "Apple" was bravotwo1@virginmedia.com. "Bravo" is pretty dumb.

I found an address to send suspect emails to Apple: reportphishing@apple.com. That's what I did.

hlthe2b

(102,276 posts)
16. I've seen at least a half dozen technical sites emphasizing this as a big deal this AM, so Kicking for DUers
Thu Mar 28, 2024, 08:42 AM