Criminals lurk around Apple’s notification system to try to wear out the victim.
Have you experienced this?
Because these are targeted attacks where a bunch of warning boxes pop up asking if the user wants to create a new password. If the user clicks yes, the phishing hackers can then change to their own password from wherever they are in the world. If you manage not to press “yes” by mistake, the perpetrators will continue: they will then try to call.
@parth220_ on X was exposed to the attack, and called Apple after the incident. An experienced Apple developer recommended creating a recovery key, but both @parth220_ and Krebsonsecurity later confirmed that this does not help, and that when switching to a new iPhone, the same messages appeared immediately.
A recovery key is a randomly generated 28-character code that helps increase the security of your Apple ID account by giving you more control over resetting your password so you can regain access to your account.
Apple
“KrebsOnSecurity tested what Ken went through and can confirm that activating a recovery key does nothing to prevent a password reset message from being sent to connected Apple devices. Visiting Apple’s “forgot password” page – https://iforgot.apple.com – asks for an email address and for the visitor to solve a CAPTCHA. After that, the page will show the last two digits of the phone number associated with the Apple account. If you fill in the missing digits and press send on that form, a system notification is sent, regardless of whether the user has activated an Apple recovery key or not,” summarizes Krebs, who has not received a response from Apple. At the very least, it sounds like a bug to be able to send so many many requests at the same time.
