What the Tech: Is your iPhone under attack?
By JAMIE TUCKER Consumer Technology Reporter
As iPhone users, we’re led to believe any message from Apple is an important one and does indeed come from Apple. What if you receive what appears to be an urgent message demanding you change your Apple ID password?
It’s an attack.
Multiple users have reported receiving messages that read “Update your Apple ID from this iPhone”. Here’s the catch, You should NEVER change your password in response to a message or notification.
Several iPhone users have shared recent messages in an online forum that they received at least a half-dozen times in one day. Making matters worse, their phone would not respond until after they clicked or tapped on the message.
When they did tap the message they received a system notification asking to approve resetting their password.
And they were forced to respond to each message in order to use their phone.
One user shared on X, that even after responding “Do Not Allow”, the received a phone call from someone who spoofed the number for Apple Security. Suspicious, the user asked the caller to provide some of the information Apple has on hand and they were able to respond by giving them their name, date of birth, and a few other pieces of information stored on Apple
servers.
This scam is called Bombing or Fatigue Attacks. The scammers bombard you with messages hoping you’ll eventually comply out of confusion or frustration. Some users report receiving the messages in the middle of the night.
People who fall for the scam and tap “Allow” on the follow-up notification will give the cybercriminal access to their Apple ID and account which results in all devices on the account becoming unusable. The criminal also has access to any credit card numbers stored on the iPhone.
And good luck getting the Apple ID back due to Apple’s strict anti-theft and privacy policies. The best course of action is to simply ignore the messages. And if you’re forced to respond to the follow-up notification you must respond “Do Not Allow”.
To safeguard your Apple ID, set up an Apple Recovery Key:
● Go to Settings on your phone
● Tap your name at the top of the page
● Select Sign-in & Recovery
● Set up the Recovery Key
The Recovery key is a 28-character code that you must remember. Write it down and keep it somewhere safe, like in a book. In fact, you may want to hide it in multiple places but don’t label it as an “Apple Recovery Key.”
Remember, you cannot forget or lose this key. If you can recall it (or at least remember where you put it), you’ll be able to recover your Apple ID and account by supplying the Key to Apple.
