Hackers are exploiting a bug in your Apple ID password reset feature to flood your iPhone with notifications. You need to know this!
This is how hackers try to hijack your Apple ID
According to a message on the website Krebs on Security entrepreneur Parth Patel was one of the victims of the new advanced phishing attack by hackers. Patel explained in a post on X that his iPhone and other Apple devices were suddenly flooded with requests to change the password. This is how hackers try to find out the Apple ID password of victims.
According to Patel, he received more than 100 requests from hackers to reset his Apple ID password. But that wasn’t all. About fifteen minutes later, he received a call from someone who appeared to be calling from the official Apple Customer Service number.
Data from People Data Labs
Speaking about the incident, Patel said: “I asked them to validate various information about me before answering their questions. The person posing as an Apple Support representative provided me with several correct personal details, such as email, phone number and billing address.’ A cunning way for hackers to find out his Apple ID.
Fortunately, Patel was tipped off that the hackers were capturing real-time data from People Data Labs used to validate Apple ID information. This caused the scammers to think that his name was Anthony S., which was therefore incorrect. People Data Labs is a platform that collects and sells personal data. In 2019, there was a massive breach that exposed data of around 1.2 billion people.
Never share a password reset code with anyone
The hackers try to convince victims that something is wrong and that they need to share the code sent by Apple to reset their password. If you share this code with someone else, that person can gain full access to your Apple ID. It is extremely important to prevent this, because with your password hackers have access to your Apple ID and all your personal (payment) information.
Krebs on Security also spoke to other Apple device users who were also targeted by the same phishing attack by hackers. In all cases, they were inundated with notifications by hackers to reset their Apple ID password and then received a call from fake Apple Customer Service minutes or days later. However, Apple never calls users unless they request it themselves. So be aware of that!
Apple has yet to comment on the matter or release an update that will prevent hackers from sending multiple password reset requests. The best way to prevent these types of attacks is to never share the code to reset your Apple ID password with anyone. It is expected that Apple will soon come up with a solution, but be extra alert for strange messages in the near future. Most importantly: never share your Apple ID password or code (over the phone) with anyone!
Do you always want to be up to date with the latest Apple news? Then please sign up for our newsletter. Additionally, download the free iphoned app and keep an eye on our website. Then you’ll never miss an Apple news again!