Apple device users see increase in fraudulent authentication attempts

Bailey Troutman & Patrick McGee, CCIT Communications & Office of Information Security
April 10, 2024

Last week, the Office of Information Security at Clemson University updated its Cybersecurity Alerts page about a recent fraudulent situation impacting Apple devices. Similar to how Clemson uses DUO to verify a person’s identity, before someone’s Apple ID can be reset, a user’s phone receives a prompt asking for verification for the reset. In this new scam, Apple device users may experience a bombardment of up to 100 prompt notifications asking them to approve or deny a password reset on their Apple ID. These requests are fraudulent and if approved, cybercriminals can change the Apple account password and lock users out. 

Apple Watch and Iphone display notification messages asking users to allow or don't allow a reset of their Apple ID passwords and it says Stay Alert underneath those images

iPhone and Apple Watches may get bombarded with notifications like this for this scam.

Even if users deny those requests, they may still get a phone call where the scammers claim to be Apple Support because they know the phone number associated with the account. Apple Support will never initiate outbound calls to customers unless those customers have requested to be contacted. The purpose of this fraudulent call is to try to initiate a reset by having users read the text message containing a one-time passcode. If the user supplies that one-time code to the fake Apple Support caller, the cybercriminals will use that information to reset the password on the account and lock the real user out of their own account. Once the scammers have control of the account, they can also remotely wipe all of the Apple devices.

If you receive a call from someone claiming to be Apple Support, it is best to hang up and contact the official Apple Support Center to see if there is an issue. It is important to continue to deny the message notification prompts for password reset if they were not initiated by the account user.  

Visit the Cybersecurity Alerts page often to stay informed on all things related to scams that might impact the campus community. 

 System Status

View Status Page

Skip Instagram Feed Skip to Instagram Feed Start