Fraud & Scams

Don’t Fall for the Apple ID Password Reset Scam

Cameron Huddleston
Cameron Huddleston
May 9, 2024
Don’t Fall for the Apple ID Password Reset Scam

If you are an iPhone or iPad user and receive a barrage of notifications to reset your Apple ID password, it’s likely a scam.

There have been reports of Apple users who have been bombarded by scam messages that appear like legitimate system alerts to update their passwords. Then, they receive calls that appear to come from Apple customer support telling them they need to reset their passwords. 

The aim of the scam appears to be to gain access to Apple users’ account information and devices. Here’s what to know about how this scam works and what you can do to avoid it.

How the Apple ID scam works

By taking advantage of a weakness in a multi-factor authentication system, scammers have been using what is called “push bombing” or “MFA fatigue” attacks to send iPhone owners large numbers of unsolicited system alerts to approve a password change, according to a report by KrebsOnSecurity. Some Apple customers have reported receiving more than 100 of these alerts in a matter of minutes prompting them to reset their Apple ID password. 

Because the messages are system alerts, you can’t access your phone until you click “Allow” or “Don’t Allow.” However, pressing “Don’t Allow” doesn’t put an end to the scam. Instead, according to reports KrebsOnSecurity received, scammers call using a spoofed number that appears to be from Apple customer support. 

The callers claiming to be with customer support offer to help with the password reset alert. They ask Apple customers to provide a one-time code that has been sent to their devices. With this code, they can reset account passwords and lock users out.

How to avoid the Apple ID scam

If you aren’t trying to reset your password but are receiving alerts prompting you to do so, assume it’s a scam. Then take these steps to stay safe.

  • Don’t click “Accept.” Don’t authorize any changes to your password if you receive a message out of the blue to make a change.
  • Don’t trust caller ID.  Scammers can use technology to make the number that appears on your caller ID look like it’s from Apple customer support.  According to Apple, you should assume that any unsolicited call, message or request for information that appears to come from Apple is a scam. Hang up.
  • Never share your Apple ID password. Apple won’t ask for this information to provide support.
  • Don’t click on links in unsolicited emails or messages. Send any suspicious email or text messages that appear to be from the company to

Sometimes, these phishing attacks can happen when hackers get their hands on your personal information, such as your phone number and email address, through data breaches. Using a financial safety service such as Carefull can alert you when your personal information is being misused. Carefull provides identity, credit and account monitoring, $1 million in identity theft insurance and spam blocking assistance to cut down on the number of spam calls you receive. 

Try Carefull for free for 30 days to protect your finances, credit and identity.

Cameron Huddleston

Cameron Huddleston

3 Steps to Safer Money,
Try it Free for 30 Days

Step 1

Start your free,
no-risk trial

Step 2

Connect the accounts and cards you want protected

Step 3

Stay alerted to any
unusual activity

Disclaimer: The information and resources above and within the articles are provided for your convenience through Carefull and should not be considered an endorsement of products, services or information provided, or an assurance of security or privacy provided at the linked site. Bristol County Savings Bank does not own or operate these sites and does not guarantee the accuracy, completeness or timeliness of the information contained therein. We encourage you to review their privacy and security policies which may differ from Bristol County Savings Bank. Bristol County Savings Bank assumes no liability for any loss or damage resulting from any reliance on the material provided.