ECONOMY & WORK
MONEY 101
NEWS
PERSONAL FINANCE
NET WORTH
About Us Contact Us Privacy Policy Terms of Use DMCA Opt-out of personalized ads
© Copyright 2023 Market Realist. Market Realist is a registered trademark. All Rights Reserved. People may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.
MARKETREALIST.COM / ECONOMY & WORK

Think Twice Before Hitting ‘Allow’ on Your iPhone—It Could Be a Scam

The main idea of the scam is to bombard the target's phone with several push notifications in hopes that the target will press the allow option.
PUBLISHED MAR 28, 2024
Cover Image Source: iPhone Home Screen | Unsplash | Photo by Jamie Street
Cover Image Source: iPhone Home Screen | Unsplash | Photo by Jamie Street

A new Apple ID spearphishing campaign that uses "push bombing" or "MFA Bombings" has been targeting several tech professionals over the last few weeks. The core concept of the scam involves bombarding the victim's phone with numerous push notifications, commonly referred to as Multi-Factor Authentication (MFA) notifications. The aim is to induce the victim to inadvertently grant permission by selecting "Allow" instead of "Don't Allow" at least once.

Image Source: Photo by PhotoMIX Company | Pexels
Image Source: Photo by PhotoMIX Company | Pexels

Tech professional Parth Patel recently shared his encounter with a scam on X, recounting the onslaught of push notifications across all his Apple devices. These notifications suspiciously requested permission to reset his Apple ID password, raising red flags. What alarmed him most was that these notifications appeared to be "system-level notifications."

Patel found himself bombarded with over 100 push notifications. After clearing them, he received a call from a fake caller ID posing as Apple's legitimate support line, asking for an OTP sent to his phone. To his dismay, the caller possessed accurate personal details, including his date of birth and current address, obtained from a "people search" site called People Data Labs.



 

A separate report from Krebs on Security highlighted similar encounters involving cryptocurrency hedge fund owners and security industry experts. They too fell victim to the scam, emphasizing that the issue was related to their Apple accounts rather than specific devices.

"If you haven’t already, I’d highly suggest scrubbing yourself from people data aggregators such as People Data Labs, Spokeo, Pimeyes, Social Catfish, and others," Patel wrote in a follow-up post. Currently, there's no way one can avoid this scam apart from hitting "Don't Allow" every time the notification appears. 

Cover Image Source: : An Apple corporate logo | Getty Images | Gary Hershorn
Image Source: An Apple corporate logo | Getty Images | Photo by Gary Hershorn

As of now, there haven't been any public reports of individuals succumbing to the Apple ID password reset scam. However, should you inadvertently grant permission by clicking "allow" on the push notification, it could result in permanent loss of access to your iCloud account. This scenario enables a successful attacker to seize control of your photos, and contacts, and even remotely erase your device.

In a particular case mentioned by AppleInsider, a target received guidance from a senior Apple engineer to activate an Apple Recovery Key as a precautionary measure. This key, comprising a 28-character code, serves as a safeguard against the standard account recovery process, providing an avenue for future account retrieval.



 

This isn't the first time Apple has confronted such an attack. In 2019, a bug dubbed "AirDoS" emerged, enabling attackers to inundate nearby iOS devices with incessant prompts to share a file via AirDrop. The Cupertino giant eventually resolved the issue through its iOS 13.3 update.

Now, with reports circulating about the company's emphasis on integrating AI into their upcoming iOS 18, it raises curiosity about potential advancements in screening and addressing such vulnerabilities. It remains to be seen whether Apple will leverage AI to implement more effective measures for identifying and mitigating these types of security threats.

This strategic shift towards AI in iOS 18 could mark a significant step forward in fortifying Apple's ecosystem against emerging cyber threats.

MORE ON MARKET REALIST
The guest said that she doesn't even let her children play with the toys to preserve them.
7 hours ago
The item might have been worth more, but no one had any idea of how much it could sell for.
1 day ago
Mr. Wonderful did not hold anything back as he even called the entrepreneurs bad at marketing.
1 day ago
The player couldn't believe that she had aced the "Grand Game" of the show.
1 day ago
Cuban beat offers from Lori Greiner and Kevin O'Leary to add the company to his portfolio.
1 day ago
Rick Harrison wanted to pay less than a thousand bucks at first, but the guest was a tough negotiator.
2 days ago
The contestant had a good start to the game but things did not end all that well.
2 days ago
The guest inherited the jewels from her mother and then found out that they were Cartier products.
2 days ago
The host Pat Sajak was seen standing with a broom while the contestant was celebrating.
3 days ago
The contestant wasn't able to match the excitement with his performance.
3 days ago
The guest said that there was so much more that she hadn't even brought to the show.
3 days ago
This wasn't the first time that an appraisal by an expert worked in favor of the seller.
3 days ago
The contestant seemed to be going through the emotions even before the results were revealed.
3 days ago
As per the guest, even her father had no idea where the piece of jewelry came from.
4 days ago
The contestant was supposed to name a deceased artist who they'd like to see perform as a hologram.
4 days ago
The shoes were apparently the same ones Ali wore in the iconic Thrilla in Manila fight in 1975.
5 days ago
The guest had no idea about the value of what he possessed and was concerned about it being fake.
5 days ago
This was perhaps one of the cruelest Bonus Round puzzles that the show has seen in a while.
5 days ago
The woman also shared her personal opinion about effect of flavorings on the brain.
5 days ago
The 51-year-old will have Hollywood star Matt Damon as partner, and Jimmy Kimmel as host.
6 days ago