Apple device users see increase in fraudulent authentication attempts

Bailey Troutman & Patrick McGee, CCIT Communications & Office of Information Security
April 10, 2024

Last week, the Office of Information Security at Clemson University updated its Cybersecurity Alerts page about a recent fraudulent situation impacting Apple devices. Similar to how Clemson uses DUO to verify a person’s identity, before someone’s Apple ID can be reset, a user’s phone receives a prompt asking for verification for the reset. In this new scam, Apple device users may experience a bombardment of up to 100 prompt notifications asking them to approve or deny a password reset on their Apple ID. These requests are fraudulent and if approved, cybercriminals can change the Apple account password and lock users out. 

Apple Watch and Iphone display notification messages asking users to allow or don't allow a reset of their Apple ID passwords and it says Stay Alert underneath those images

iPhone and Apple Watches may get bombarded with notifications like this for this scam.

Even if users deny those requests, they may still get a phone call where the scammers claim to be Apple Support because they know the phone number associated with the account. Apple Support will never initiate outbound calls to customers unless those customers have requested to be contacted. The purpose of this fraudulent call is to try to initiate a reset by having users read the text message containing a one-time passcode. If the user supplies that one-time code to the fake Apple Support caller, the cybercriminals will use that information to reset the password on the account and lock the real user out of their own account. Once the scammers have control of the account, they can also remotely wipe all of the Apple devices.

If you receive a call from someone claiming to be Apple Support, it is best to hang up and contact the official Apple Support Center to see if there is an issue. It is important to continue to deny the message notification prompts for password reset if they were not initiated by the account user.  

Visit the Cybersecurity Alerts page often to stay informed on all things related to scams that might impact the campus community. 

 Notices

Changes To Clemson Email Quarantine

FCC/FEMA Emergency Alert System Test on October 4, 2023

Check the status of university systems on Status Hub

Security upgrades to impact email spam retrieval beginning July 12, 2023

Campus network and TikTok — July 10, 2023

Kronos to require log-in through Duo mobile application on July 21, 2023

PeopleSoft and Banner Outage on June 11, 2023

Upcoming changes to Google Workspace

Temporary restrictions to iROAR access – Nov. 30, 2022

Welcome Back: Important IT Updates for Faculty and Staff

Welcome Back: Important IT Updates for Students

Eduroam Update – July 15, 2022

New Student Laptop Models Available for 2023-2024

Adobe Software is now available using your Clemson login

CCIT Chat Support is now Available

Quick Links

  Get Help

New To Clemson

Safe Computing

Password Reset

my.Clemson

Palmetto Cluster

 System Status

View Status Page

Skip Instagram Feed
  Follow ccit_clemson
Skip to Instagram Feed Start