Experiencing numerous password reset requests on your Apple devices? You might be a target of a phishing scam known as ‘MFA Bombing’
Many Apple iPhone users are reportedly receiving numerous system-level password reset requests on their devices, possibly due to a sophisticated phishing scam known as ‘MFA Bombing’. These requests could hinder affected individuals from using their devices until they address each prompt.
A Krebs on Security blog post suggests that the phishing attack might exploit a flaw in Apple’s password reset feature to send multiple prompts to users. If you mistakenly click the ‘Allow’ button or successfully decline all password reset requests, scammers might subsequently contact you, spoofing Apple’s official support number.
Pretending to be Apple Support representatives, the scammers inform users that their accounts are under attack. They then ask users to verify themselves by sharing a one-time code. If you share the code, the scammers can log out of all your Apple devices and potentially even remotely wipe them.
In a recent post on X by Parth Patel, the scammers requested that he share the one-time code. Patel promptly refused and instead asked the fake Apple representative to verify personal information such as his current and past addresses, email, phone number, and date of birth.
Patel noticed that the call was fake despite the scammer providing mostly accurate information, as they mistakenly referred to him as Anthony S.
What steps can I take to safeguard against MFA Bombing?
If you accidentally press ‘Allow’ and the attackers request the one-time code over the phone, you can inform them that you will call back on the official Apple support number. Additionally, official Apple representatives will never ask users to provide personal information to verify themselves. If the person on the other end of the line does ask, they are likely calling from a spoofed Apple support number.
Another precaution you can take is to enable the ‘Apple Recovery Key’ option, which uses a lengthy passcode to prevent attackers from resetting your Apple account password.