Apple users are being warned of a new phishing scam that is targeting them and attempting to change their password in order to lock them out of their devices. Scammers have been calling individuals while pretending to be Apple Support, tricking them into providing personal information.
The scam begins with system notifications asking users to reset their Apple ID password. Users are unable to do anything else on their device until they either approve or deny the request. Even if users deny the request, scammers have been calling from a spoofed Apple Support number and asking for a one-time passcode.
Interestingly, the scammers have the correct personal data of the users but often get their name wrong, indicating that the data may have been obtained from third-party sources. If users were to provide the one-time passcode or approve the password reset request, scammers would be able to lock them out of their devices and potentially delete their data.
Reports have shown that many users have already fallen victim to this scam, including friends of a startup founder who shared his experience on social media. Apple has declined to comment on the issue, directing users to support articles on recognizing phishing attacks.
According to Krebs on Security, scammers may be exploiting a bug in Apple’s password reset feature. It is important for Apple users to be vigilant and verify the authenticity of any communications from Apple Support to avoid falling prey to this scam.
“Infuriatingly humble tv expert. Friendly student. Travel fanatic. Bacon fan. Unable to type with boxing gloves on.”