The Rise of the iPhone Password Reset Scam in China: What You Need to Know
Uncover the mechanics behind the new iPhone password reset scam in China, learn how to spot the signs, and explore measures to safeguard your device.
TECH & DIGITAL
Curry
2/17/20251 min read
In recent weeks, a concerning new trend has emerged among iPhone users in China—a sophisticated password reset scam that manipulates Apple ID credentials. As smartphone use becomes increasingly integral to daily life, understanding and combating these threats is more important than ever.
The Scam’s Modus Operandi
The scam operates by sending iPhone users a pop-up notification that mimics Apple's official interface, urging them to reset their Apple ID password. Unsuspecting users who comply find themselves locked out of their devices. Worse, many report subsequent unauthorized transactions from linked bank accounts and, in some cases, complete data wipes when they are forced to reset their devices.
How the Scam Works
Cybercriminals employ "credential stuffing" attacks, where stolen user IDs and passwords from different breaches are used to gain unauthorized access. The situation is exacerbated when individuals reuse passwords across multiple platforms. Additionally, data entered on insecure websites can be another source of compromised personal information leading to these targeted attacks.
Notable Cases
One notable victim, Mr. Liang from Handan, Hebei, experienced immediate device lockout after following a password reset prompt on February 10, 2025, ultimately leading to a complete data wipe. Another user from Jiangxi reported multiple unauthorized transactions totaling RMB 1888 shortly after interacting with one such fraudulent pop-up.
Preventive Measures
To combat this scam, users are advised to be vigilant and skeptical of any unexpected password prompts. Apple typically does not request password changes via pop-ups. Users should:
Set robust, unique passwords for their Apple ID and enable two-factor authentication.
Regularly check their device and account settings to ensure no unauthorized changes have been made.
Install and maintain reputable security software, such as Tencent Mobile Manager, to block phishing attempts and scan for malware.
Conclusion
As digital threats evolve, so must our vigilance. By understanding the tactics used by cybercriminals and implementing robust security practices, iPhone users can protect themselves against this rising scam and others like it.