Currently Being ModeratedApr 11, 2012 1:40 PM (in response to fiasko5k)
I had the same issue on my iPhone 4 today and also was worried that it might be a virus or phishing exercise. It is certainly worded like one.
But from all the other replies in this thread, it seems like people are saying it is a valid request from Apple, is that right?
Currently Being ModeratedApr 11, 2012 1:50 PM (in response to ChrisO973)
That's what I'm hoping. No one has come out and explicitly said this, but if you go through iTunes on your computer you'll probably see the same thing. So maybe we can assume that if the same message is happening on your phone as in your iTunes on your computer then it is NOT a phishing attempt?
Currently Being ModeratedApr 11, 2012 2:26 PM (in response to fiasko5k)
Just had the same pop up. If this is legit then someone really needs a slap. It looked like a phishing attempt and I instinctively hit cancel when I saw it.
Currently Being ModeratedApr 11, 2012 5:03 PM (in response to fiasko5k)
Yeah mine stopped doing it also, after I did "Settings > Store > Apple ID > View Apple ID and verify your payment info."
I don't know it was just being weird. I thought it was a virus.. and I got scared cause then nothing would open when I tried to open it. But it's all resolved now THANKS EVERYBODY!
Currently Being ModeratedApr 11, 2012 10:05 PM (in response to ChrisO973)
Frack! I hope it wasn't phishing! I just assumed being Apple, that it was legit.
Currently Being ModeratedApr 12, 2012 11:08 AM (in response to fiasko5k)
Currently Being ModeratedApr 12, 2012 12:32 PM (in response to needleman_mark)
This may work a little better: http://arstechnica.com/apple/news/2012/04/apple-prompting-users-for-security-que stions-to-bolster-apple-id-security.ars
Currently Being ModeratedApr 14, 2012 1:05 AM (in response to KiltedTim)
Thank you for your posts on this topic, the information/links that you have provided is very informative. It is a great pity that Apple have not taken the trouble to inform its users with proper public announcements that these steps are being taken to enhance App Store security, especially when a scepical user base is sensibly attempting to avoid giving away key account details and other security details to phishing software!
I am a Director of an IT company with over 30 years of system experience, and my first reaction to this unexpected pop up was to reject the download of the perfectly legitimate app that prompted it! It was only after digging around on the Internet that I discovered that the pop up was a genuine Apple security enhancement.
I am from the UK. This is the BBC news technology article that discusses Apple security issues. The key section is at the end of the article.
Currently Being ModeratedApr 14, 2012 8:25 PM (in response to fiasko5k)
I'm getting this too. Seriously Apple, I'll let you know if I need and extra 4 layers of security. I hope the rumors aren't true that we'll be needing notes from our Moms.
Currently Being ModeratedApr 15, 2012 11:12 AM (in response to fiasko5k)
This has been a pain. It looks dangerous, and apple has said nothing. appleid.apple.com does not allow me to answers these questions or even notes any changes. I have finally been able to get a question sent out to support via express lane. It had been down for hours. Hopefully this is real, but apple should make users aware of these coming changes in advance. If this is Apple and not an attack on Apple/Apple's Users, this is the latest in a growing line of times I have come to think Apple has no concerns for its users especial where iTunes is concerned.
Currently Being ModeratedApr 15, 2012 1:31 PM (in response to fiasko5k)
This has got me seriously confused and concerned.
I was asked at the end to provide another email address to be used to recover my account.. My account already has an email address assigned which is totally under my control (on my own domain) so I dont see why adding another door into my acount makes it more secure?
As an IT professional, I am glad I only use apple products to play games on as I would have serious reservations about using them in my professional capacity if this is the way they approach security issues.
"er. we've 'ad a security issue mate, so we just need some more keys to be cut and we've also put a new door in round the back.. that should sort it..."
Currently Being ModeratedApr 16, 2012 6:23 AM (in response to fiasko5k)
I also got this today. first assumed that it must be apple, but then before i finished, I started to doubt. I thought to myself "how do i verify that this is in fact from apple?" how do I know that the app I just started to download was not doing this? it could be a phishing scam. how do i find out if this prompt is an apple prompt, there is no url to check, there is not certificate info or anything like that.
i had no email from apple informing me about this.
so I cancelled it.
if this is apple doing this, then they need to make some kind of announcement or send me an email. something that i can positively verify.
Currently Being ModeratedApr 16, 2012 6:28 AM (in response to fiasko5k)
Me too i have the same problem with my iphone 4s. this security question pop up and i can't download the app which I already paid.
Currently Being ModeratedApr 16, 2012 8:27 AM (in response to G00d boy)
As far as I am able to surmise the security checks are genuine. I nervously followed through on the security questions and designated a "rescue email address" in the event that I had forgotten the answers to the security questions!
This action resulted in an email incoming me to follow a link to confirm that it really was me who had designated that email address.
I analysed this link using the Internet Whois utility to confirm that the link domain that I had to follow really belonged to Apple! The link domain was id.apple.com. This domain then linked to verification subnet information. I confirmed that the domain belonged to Apple and then ran a traceroute command to check out the server hops. This also helped confirm that this was a genuine Apple email and a genuine verification request running via apple file servers.
Only when I had completed these checks did I run the link and confirm that the email address belonged to me and was genuine. The apple response message was to confirm that my rescue email address was now linked to my apple ID.
It really would help if someone would get off their backside at Apple and make an official announcement about this stuff.
The result of their (mis) management of this issue is to sow the seeds of fear, uncertainty and doubt into the minds of apple user base. This is not good of Apple and it certainly is not good for those of us who form their user base.
Currently Being ModeratedApr 16, 2012 3:04 PM (in response to Orkneytim)
On the other hand.....you are only being asked to answer the security questions you yourself set up when you created your iTunes account. Apple is responding to concerns about account hacking. Agreed, they would have done themselves a favour by announcing this on the App Store.