Apple users are under siege from a sophisticated phishing campaign known as “push bombing,” leveraging multi-factor authentication (MFA) to flood users with a deluge of system notifications, aiming to compromise their Apple IDs and access personal information. This manipulative tactic strategically aims to wear down victims or catch them off guard, potentially resulting in unwitting approval of malicious requests. Phishers even resort to caller ID spoofing during follow-up phone calls to masquerade as Apple Support, adding a layer of sophistication to their ploy.
Reports from security veterans and industry blogs highlight the critical role of phone numbers associated with Apple accounts in these attacks and the persistent nature of the threat, despite preventive measures. The lack of public address by Apple and the need for enhanced security measures underscore the gravity and urgency of this emerging threat, emphasizing the collective vigilance and continuous evolution of security measures to combat sophisticated phishing techniques.
Reference:
