Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

hkjaber

macrumors newbie
Original poster
Sep 14, 2024
4
6
Was sitting at work when I got a bunch of phone calls from different states and even France. Declined each one. Then I got a notification asking to allow someone logging in into my account. Declined both times. Then my "FIND MY IPHONE" kept going off. Then someone began deactivating my apple wallet cards. All of them.

I changed my password immediately and had it log out of all my other devices. All the calls and weird issues stopped. I do have 2FA on. How is apple allowing these sign on attempts when it had my GPS and knows my where i am. If debit cards can freeze due to sus activity, how is apple allowing these sign on attempts to go through. Why did they keep calling me?
 

4sallypat

macrumors 601
Sep 16, 2016
4,031
3,781
So Calif
Was sitting at work when I got a bunch of phone calls from different states and even France. Declined each one. Then I got a notification asking to allow someone logging in into my account. Declined both times. Then my "FIND MY IPHONE" kept going off. Then someone began deactivating my apple wallet cards. All of them.

I changed my password immediately and had it log out of all my other devices. All the calls and weird issues stopped. I do have 2FA on. How is apple allowing these sign on attempts when it had my GPS and knows my where i am. If debit cards can freeze due to sus activity, how is apple allowing these sign on attempts to go through. Why did they keep calling me?
Are you behind a secured firewall (physical hardware) ?

Do you have malicious protection installed (software)?

Have you checked with your company's ISO on port intrusion or DOS ??

Apple would not be responsible for this type of activity - this up to the ISP / user / network.
 
  • Like
Reactions: slippery-pete

hkjaber

macrumors newbie
Original poster
Sep 14, 2024
4
6
Are you behind a secured firewall (physical hardware) ?

Do you have malicious protection installed (software)?

Have you checked with your company's ISO on port intrusion or DOS ??

Apple would not be responsible for this type of activity - this up to the ISP / user / network.
I dont think i have any of those. Was not even connected to wifi or anything
 

russell_314

macrumors 604
Feb 10, 2019
6,640
10,228
USA
I suspect your password is compromised. Even though Apple has your GPS, they’re not going to GPS lock your account. Never reuse passwords and always have a complicated password.

Perhaps someone has a device with your account signed onto it?

Also, if you signed onto your Apple account from a compromised device, this could be the answer. Often people download pirated software on their Mac that contains some wonderful extra stuff.

To answer your main question, Apple is very secure, but you and your devices might not be so secure, depending on what you’ve been doing. Change your password like you did and then review what devices are logged into your account. Delete any devices that you no longer own.
 
  • Like
Reactions: slippery-pete

hkjaber

macrumors newbie
Original poster
Sep 14, 2024
4
6
I suspect your password is compromised. Even though Apple has your GPS, they’re not going to GPS lock your account. Never reuse passwords and always have a complicated password.

Perhaps someone has a device with your account signed onto it?

Also, if you signed onto your Apple account from a compromised device, this could be the answer. Often people download pirated software on their Mac that contains some wonderful extra stuff.

To answer your main question, Apple is very secure, but you and your devices might not be so secure, depending on what you’ve been doing. Change your password like you did and then review what devices are logged into your account. Delete any devices that you no longer own.
Only devices that are attached to my account are my phone and watch. I'm assuming my password got leaked as i did once get a notification from Norton saying it found my info in some database. Passwords changed so hopefully no issues
 
  • Like
Reactions: russell_314

russell_314

macrumors 604
Feb 10, 2019
6,640
10,228
USA
Only devices that are attached to my account are my phone and watch. I'm assuming my password got leaked as i did once get a notification from Norton saying it found my info in some database. Passwords changed so hopefully no issues
Even the mention of Norton, makes me cringe a little bit. I’m not saying all of their stuff is bad, but I think they sell fear like most security software companies. No security software can prevent your accounts from being compromised. Only smart user practices will do that. Most people say their accounts were hacked but what they really mean is they gave someone their password. Sometimes it’s completely unintentional like they clicked on a link and an email saying Your Apple account needs verification, please click this link to log into your account. Of course the link is the phishing website and they collect your username and password.

If possible I would avoid logging onto your Apple account on non Apple devices. If you have to at least verify the computer is free of any kind of malware. It’s very easy to get a key logger on a Windows computer and there goes all your passwords. Also use a password manager to generate random passwords because even though you think you can make a random password, it’s not random.
 

hkjaber

macrumors newbie
Original poster
Sep 14, 2024
4
6
Even the mention of Norton, makes me cringe a little bit. I’m not saying all of their stuff is bad, but I think they sell fear like most security software companies. No security software can prevent your accounts from being compromised. Only smart user practices will do that. Most people say their accounts were hacked but what they really mean is they gave someone their password. Sometimes it’s completely unintentional like they clicked on a link and an email saying Your Apple account needs verification, please click this link to log into your account. Of course the link is the phishing website and they collect your username and password.

If possible I would avoid logging onto your Apple account on non Apple devices. If you have to at least verify the computer is free of any kind of malware. It’s very easy to get a key logger on a Windows computer and there goes all your passwords. Also use a password manager to generate random passwords because even though you think you can make a random password, it’s not random.
Yeah idk i just have it to scan my phone here and there and it said my password was in some data leak. I only ever log into my icloud on the phone and maybe like once a year for something since it always asks for the pin instead. No idea what happened but i assume someone got my user and pass and was logging in. Still unsure if they deactivated all my cards in my apple wallet, or apple did. Almost pooped myself as i have a savings account and was scared i could lose access.
 
  • Like
Reactions: russell_314

russell_314

macrumors 604
Feb 10, 2019
6,640
10,228
USA
Yeah idk i just have it to scan my phone here and there and it said my password was in some data leak. I only ever log into my icloud on the phone and maybe like once a year for something since it always asks for the pin instead. No idea what happened but i assume someone got my user and pass and was logging in. Still unsure if they deactivated all my cards in my apple wallet, or apple did. Almost pooped myself as i have a savings account and was scared i could lose access.
What are you scanning your phone with? Don’t tell me you have some sort of “antivirus” on your phone. I put antivirus in quotes because an antivirus can not function on an iPhone. iOS will not allow an app to have that much capability. I could be wrong on this and maybe something has changed in the past few years, but I don’t think so.

I know it’s possible for someone to remove your cards on your device remotely from either another device or the Apple webpage. They can’t actually access the cards from the webpage though, only see them. They can’t even see the number other than the last four.

It sounds like someone had your Apple ID and password. They used that to scare you. Criminals will do this so you will panic and do something stupid like give them your account information. The calls were probably trying to impersonate your bank telling you your accounts are compromised and we need all your information to verify it’s you.

You already changed your passwords, but make sure your Apple account password and preferably all your other passwords that are important are unique. Always have a separate password for each account. The next thing is remembered never click on links or give information to anyone over the phone that you didn’t contact. They can’t get your money unless you mess up. They depend on you panicking so just stay cool and they can go away to bother someone else.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.