By news@appleinsider.com (Malcolm Owen) Apple users are becoming the target of a new wave of phishing attacks called “MFA Bombing” that relies on user impatience, and a bug in Apple’s password reset mechanism.An example of the Apple ID password reset notificationPhishing attacks often rely on users supplying information to an attacker or allowing them to do something to their account, often via an email, text message, or other messaging means. A recently discovered phishing attack has used a new route to make victims fall for it, by using Apple’s password reset system.Dubbed “MFA Bombing,” “MFA Fatigue,” or “Push Bombing,” the attack detailed by Krebs on Security is an elaborate phishing attack that appears to revolve around a bug in the password reset feature. Victims are inundated by “Reset Password” notifications, including the text “Use this iPhone to reset your Apple ID password,” and the options to allow or reject the request. Continue Reading on AppleInsider | Discuss on our Forums
Source:: Apple Insider