‘MFA bombing’ attacks targeting some iPhone users

FILE-A woman uses an Apple iPhone in front of a computer. (Photo by Chris Ratcliffe/Bloomberg via Getty Images)

A recent scam targets some iPhone users with alerts asking them to change their password. 

The scheme is called "MFA bombing" (MFA stands for multi-factor authentication) and involves constant pop-up messages to some iPhone users notifying them that they need to change their password. 

In a statement from Apple provided to FOX Television Stations, the company said "We are aware of reports that a small number of iPhone users are receiving a high volume of alerts asking if they are attempting to reset their password and have taken steps to address the reported issue."

RELATED: Apple iPhone’s stolen device protection: How to turn on newest security feature

Scammers will pose as Apple technical support staff to walk customers through the password reset process. WBAY-TV in Wisconsin reports that the scammers will then steal the user's password, and access their Apple account to obtain their personal information.

Apple offers helpful tips for customers on their company support page:  

The tech company explains on its page that "if you're suspicious about an unexpected message, call, or request for personal information or money, it's safer to presume it's a scam and contact that company directly if you need to. If you're concerned about a security issue with your Apple device, you can get help from Apple."

RELATED: Apple software update released to fix important security issue

"Scammers use fake Caller ID info to spoof phone numbers of companies like Apple and often claim that there's suspicious activity on your account or device to get your attention. Or they may use flattery or threats to pressure you into giving them information, money, and even Apple gift cards."

Apple notes that if consumers get an unsolicited or suspicious phone call from someone claiming to be from Apple or Apple Support, just hang up.

Customers can also report scam phone calls to the Federal Trade Commission (U.S. only) at reportfraud.ftc.gov or to their local authorities. 

This story was reported from Washington, D.C.


 

Crime and Public SafetyAppleConsumer