Set as Homepage - Add to Favorites

【Belgium】

Source:New Knowledge Information Network Editor:Science Time:2025-06-27 01:58:35

Some Apple users are Belgiumreportedly being targeted by a sophisticated attack, requesting them to hand over their Apple ID credentials over and over again.

According to KrebsonSecurity, the attack starts with unsuspecting Apple device owners getting dozens of system-level messages, prompting them to reset their Apple ID password. If that fails, a person pretending to be an Apple employee will call the victim and try to convince them into handing over their password.

SEE ALSO: Apple confirms dates for WWDC 2024

This is exactly what happened to entrepreneur Parth Patel, who described their experience on Twitter/X. First, all of Patel's Apple devices, including their iPhone, Watch, and MacBook, started displaying the "Reset Password" notifications. After Patel clicked "Don't Allow" to more than one hundred requests, the fake Apple Support called, spoofing the caller ID of Apple's official Apple Support line. The fraudster Apple employee actually knew a lot of Patel's real data, including email, address, and phone number, but they got their name wrong, which had confirmed Patel's suspicions that they were under attack.

You May Also Like

While the attack was ultimately unsuccessful in this example, it's easy to imagine it working. The victim might accidentally allow the password reset (mistakes are easy to happen when you have to click on something hundreds of times), or they could fall for the fairly convincing, fake Apple Support call.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

Patel's example isn't isolated, either; KrebsonSecurity has details on a very similar attack that happened to a crypto hedge fund owner identified by his first name, Chris, as well as a security researcher identified as Ken. In Chris' example, the attack persisted for several days, and also ended with a fake Apple Support call.

How did the attackers know all the data needed to perform the attack, and how did they manage to send system-level alerts to the victims' phones? According to KrebsonSecurity, the hackers likely had to get a hold of the victim's email address and phone number, associated with their Apple ID. Then they used an Apple ID password reset form, that requires an email or phone number, alongside a CAPTCHA, to send the system-level, password reset prompts. They also likely used a website called PeopleDataLabs to get information on both the victim and Apple employees they impersonated.

But there could also be a bug in Apple's systems, which should in theory be designed not to allow someone to abuse the password reset form and send dozens of requests in a short period of time (Apple did not respond to KrebsonSecurity's request for comment).

Related Stories
  • I used the Apple Vision Pro on a flight to Costa Rica — and it was chaotic
  • Apple confirms dates for WWDC 2024
  • Apple, Google, and Meta are being investigated by the EU under new Big Tech regulation
  • Apple might finally let you freely customize Home Screen icons on iPhone
  • Vulnerability found in Apple's Silicon M-series chips – and it can't be patched

It appears that there's no easy or foolproof way to protect oneself from such an attack at this time, save from changing one's Apple ID credentials and tying them to a new number and email. It's hard to tell how widespread this attack is, but Apple users should be vigilant and triple-check the authenticity of any password reset request, even if it appears to come from Apple itself.

For on spammers and scammers, check out Mashable's series Scammed, where we help you navigate a connected world that’s out for your money, your information, or just your attention.

Topics Apple Cybersecurity

Previous:Google 'Ask for me:' AI that calls businesses on your behalf for pricing and availability

Next:Dallas Mavericks vs. Boston Celtics 2025 livestream: Watch NBA online

Related Articles
Related Recommendations
Categories
Latest Articles
Popular Articles
Hot Recommendations
Featured Column

Quick Links

Another Year for the NBA: Triptych for the End of a SeasonTwitter / X: Elon Musk considers pulling out of Europe to escape EU lawWordle today: The answer and hints for October 206 ways to make hiring more accessibleWhatsApp voice notes can now self'Quordle' today: See each 'Quordle' answer and hints for August 16Unconventional, Part 3: Norman Mailer and the Pigs'Golden Bachelor' has an accessibility problemBest VPN deal: NordVPN's Black Friday deal is liveWho is Andrew Tate? And why is the controversial figure taking over TikTok?Bottoming TikTok: Meet the creators providing sex education about anal sexBastille Day SaleAugust 11 'Quordle' answersThe Empress of Gowanus: Two Trees Grow in BrooklynTikTok Book Club's next read is Bolu Babalola's 'Honey and Spice'Unconventional, Part 5: Terry Southern Takes on the Fakes'Quordle' today: See each 'Quordle' answer and hints for August 13In Praise of Minor Literature'Golden Bachelor' has an accessibility problem'Golden Bachelor' has an accessibility problem Esports as seen through the eyes of grandma and grandpa Here's what to do if your smartphone's battery starts smoking British man live Google taps HTC to service Pixel smartphones in India Trump fortune DIY iPhone cases made from Evian bottles are all the rage in Japan A very serious guide to prepare for a trip to Mars If you want information on Joe Jonas' penis, he is happy to provide it 14 'Stranger Things' costumes that will turn your Halloween plans upside down Paris Saint Corgi desperately trying to get up the stairs is all of us Don't throw out old potatoes because you could turn them into cheese Mike Huckabee likens Trump to Captain Quint and Hillary to Jaws, forgets Jaws won Tennis pro Nick Kyrgios apologises after deliberate Shanghai fail 'Dishonored 2' is Emily’s game, Corvo just plays there Fighting game community mourns death of Christopher 'NinjaCW' Harris 5 super cool name ideas for future cities on Mars How Charlie Brown became a Thanksgiving Day Parade balloon again Rocket launch may be visible along the U.S. East Coast on Sunday night One of the most popular 360

1.7059s , 10137.0546875 kb

Copyright © 2025 Powered by 【Belgium】,New Knowledge Information Network  

Sitemap

Top

Quick Links