Apple users are facing a new, sophisticated phishing attack designed to steal access to their accounts. The scheme involves bombarding victims with dozens of password reset notifications, overwhelming their devices and making routine use difficult.
The goal is to trick users into clicking “Allow” on a reset notification, which would trigger Apple to send a one-time code to their device. Hackers then attempt to obtain this code by masquerading as Apple support and calling the victim, often spoofing Apple’s official support number.
Security experts believe hackers are exploiting a potential bug in Apple’s password reset function to overwhelm users with notifications. Victims of this attack should hang up on any suspicious calls and avoid clicking “Allow” on the reset alerts.
While Apple has not directly addressed concerns about the bug, they emphasize the importance of recognizing phishing attempts. If you receive unsolicited or suspicious calls claiming to be from Apple, the best action is to simply disconnect the call.