• Tech News
  • Fintech
  • Startup
  • Games
  • Ar & Vr
  • Reviews
  • How To
  • More
    • Mobile Tech
    • Pc & Laptop
    • Security
What's Hot

Oppo Find N5 review: Stellar foldable has one big problem

July 30, 2025

The Naked Gun review: Charged with man’s laughter

July 30, 2025

Samsung Galaxy Tab S10 FE+ review: A Galaxy Tab S10+ for less?

July 30, 2025
Facebook Twitter Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
Facebook Twitter Instagram Pinterest VKontakte
Behind The ScreenBehind The Screen
  • Tech News
  • Fintech
  • Startup
  • Games
  • Ar & Vr
  • Reviews
  • How To
  • More
    • Mobile Tech
    • Pc & Laptop
    • Security
Behind The ScreenBehind The Screen
Home»Mobile Tech»Protect against iPhone password reset attacks: How-to
Mobile Tech

Protect against iPhone password reset attacks: How-to

March 28, 2024No Comments3 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Protect against iPhone password reset attacks: How-to
Share
Facebook Twitter LinkedIn Pinterest Email

One of many newest assaults on iPhone sees malicious events abuse the Apple ID password reset system to inundate customers with iOS prompts to take over their accounts. Right here’s how one can shield in opposition to iPhone password reset assaults (typically known as “MFA bombing”).

We’ve just lately heard about Apple customers being focused with MFA bombing (additionally known as MFA fatigue or push bombing). It’s not a brand new assault, however it may be a convincing rip-off because it pushes official iOS password reset prompts to victims.

As detailed by Krebs on Safety (by way of Parth Patel), attackers abusing this vulnerability look like doing so by way of an Apple person’s telephone quantity which might bomb your iPhone and different Apple units with 100+ MFA (multi-factor authentication) system prompts to reset your Apple ID password.

How you can shield in opposition to iPhone password reset assaults

  1. Decline, decline, decline
    • As a result of the reset password requests are a system-level alert, it feels convincing – however make sure that to decide on “Don’t Permit” for all of them
    • A method attackers put on victims down is by bombing them with a whole lot of prompts, generally over a number of days – preserve selecting “Don’t Permit” and optionally use step 3 beneath
    • Notice: In case you see a password reset immediate on the net that could be a distinct phishing rip-off, shut the web page as both button may result in a malicious hyperlink
  2. Don’t reply telephone calls – even when caller ID says “Apple Help” or related
    • Attackers are utilizing name spoofing which might make the incoming quantity seem because the official Apple Help telephone quantity and they can confirm private data making the rip-off sound legit
    • Subsequent, they attempt to get a one-time passcode from you to take over your Apple account
    • If in any doubt, decline the decision – and name Apple again (800.275.2273 within the US) – name spoofing shouldn’t be capable to intercept your outgoing name to the actual Apple
    • Apple highlights it won’t make outbound calls “until the shopper requests to be contacted” and that you must by no means share one-time codes with anybody
  3. Quickly change your telephone quantity related together with your Apple ID
    • In case you proceed to get the prompts, altering your telephone quantity tied to your Apple ID ought to cease them
    • Nonetheless, take into accout it will intervene with iMessage and FaceTime

Extra particulars

Protect against iPhone password reset attacks how to

As famous in Krebs on Safety’s article, it seems there’s a fee restrict drawback with the Apple ID password reset system.

What sanely designed authentication system would ship dozens of requests for a password change within the span of some moments, when the primary requests haven’t even been acted on by the person? Might this be the results of a bug in Apple’s methods?

Hopefully, Apple is engaged on a repair so malicious events can’t abuse this technique. However sadly, the password reset rip-off has been highlighted by customers for no less than two years (possible extra).

See also  FTC and DOJ Investigating Beeper iMessage Controversy

One current sufferer shared {that a} senior engineer at Apple suggested him to activate the Restoration Key characteristic for his Apple ID to cease the password reset notifications. Nonetheless, in additional testing, that turned out to not be the case and Krebs on Safety verified Apple Restoration Key doesn’t stop reset password prompts.

Associated:

Photographs by 9to5Mac

FTC: We use revenue incomes auto affiliate hyperlinks. Extra.

Source link

attacks Howto iPhone password protect Reset
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Your Next iPhone Charger Won’t Need an Apple Logo to Be Fast

July 25, 2025

The iOS 26 Public Beta Cycle Begins

July 24, 2025

Want to Add USB-C to Your Older iPhone? This Case Might Do the Trick

July 24, 2025

iOS 26 beta 3 revision now available

July 24, 2025
Add A Comment

Comments are closed.

Editors Picks

Huawei Nova 10 Pro review

November 16, 2022

Does economic and geopolitical instability affect your startup’s TAM? • DailyTech

September 6, 2022

Outriders Worldslayer review: Another bumpy ride on Enoch

June 30, 2022

A New Intimate Wellness Company Aims To Help Women With Common, But Neglected Issues

October 20, 2022

Subscribe to Updates

Get the latest news and Updates from Behind The Scene about Tech, Startup and more.

Top Post

Oppo Find N5 review: Stellar foldable has one big problem

The Naked Gun review: Charged with man’s laughter

Samsung Galaxy Tab S10 FE+ review: A Galaxy Tab S10+ for less?

Behind The Screen
Facebook Twitter Instagram Pinterest Vimeo YouTube
  • Contact
  • Privacy Policy
  • Terms & Conditions
© 2025 behindthescreen.fr - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.