Share Apple users, stay alert and do not reset your password if you receive a random alert asking you to do so. Some Apple users are getting targeted by a phishing attack that tells them to their ‘Reset Password’ immediately causing panic. Here’s what’s this new scam and how you can stay safe.
An entrepreneur named Parth Patel on X (formerly Twitter) shared that he and a couple of his entrepreneur friends were bombarded with Apple system-level alerts. The alerts told the users to reset the password of their Apple ID. There were not one, not two, but over 100 such alerts received by Patel, as noted by him.
The attackers made a led high effort focused attack on me, using OSINT data from People Data Labs and caller ID spoofing.
First, around 6:36pm yesterday all of my Apple devices started blowing up with Reset Password notifications.
Because these are Apple system level alerts,… pic.twitter.com/vX1AZvoVoN
— Parth (@parth220_) March 23, 2024
Upon receiving these alerts, he then received a call from the attacker who disguised himself as an official Apple Support person. And yes, the call did come from an official Apple Support phone number. It was indeed a spoofing case.
The person on the call asked for some details about Patel, which he rejected. Instead, he asked a series of questions to the person trying to scam him. To his surprise, the caller did get several details correct about him.
“I was obviously still on guard, so I asked them to validate a ton of information about me, before answering any of their questions… They got a lot right, from DOB, to email, to phone number, to current address, and historic addresses…”
Patel got to know that the data was extracted in real-time from People Data Labs (PDL), which is how the person was able to respond to his questions. For those uninitiated with People Data Labs, it is a platform that collects and sells personal data of people.
Fortunately, the phisher thought Patel’s name was Anthony, apparently, as per PDL data. That’s how Patel finally was sure that this was a phishing attack. Thankfully, he didn’t share any data with the scammer or act quickly when prompted to reset his password.
Usually, Apple doesn’t send a series of system-level alerts to users. So if you receive multiple alerts like the case above, it’s mostly a phishing attack. The first step to not get scammed here is to not respond to anything.
Do not reset your password or do what the alert is telling you to do. If you receive a call, do not accept it, but if you still do, do not share any details with the person on the line. If you are asked for an OTP, never share it over a call, especially in such cases. Apple never calls asking for personal details or OTP, so be vigilant in such situations.
This is what we call a critical phishing technique, mainly because you are getting an alert from Apple or a call from Apple’s official number. Unfortunately, Apple hasn’t commented on the matter as of yet. Let’s hope Apple addresses the issues and recommend some official safety tips.
Get latest Tech and Auto news from Techlusive on our WhatsApp Channel, Facebook, X (Twitter), Instagram and YouTube.Author Name | Pranav Sawant
Don't Miss Out the Latest Updates. Subscribe to Our Newsletter Today!
Select Language
