Currently Being ModeratedDec 22, 2013 3:32 PM (in response to markbar888)
I can totally appreciate how frustrated you must be feeling about this type of scenario when you have obviously been told multiple times how this type of thing generally does NOT happen with Apple id logins.
I have to agree with Chris when you are referencing this going on with an Apple Mobile device.
However, IF you are using a Windows Computer AND IF you have had a trojan/virus/spyware type of attack on your Windows computer OS I CAN see this happening as when this type of attack to a non apple operating system can leave your computer system vulnerable. My best advice to you would be to check in to having your operating system that is running a windows operating system to be scanned for infection to see if this may not be where the attack origin is occurring.
Currently Being ModeratedDec 22, 2013 3:49 PM (in response to PhilipRoy)
It sill, in a way, because anyone trying to hack the account will not be able to get the verification code on the phone, so the attempt will fail.
But I agree with you that there is a good possiblilty that the computer is infected with malware.
Currently Being ModeratedDec 22, 2013 3:53 PM (in response to markbar888)
Be very, very careful when viewing and acting on any eMail requesting you to make changes to your account. Chances are high, they are not from Apple, but instead are merely phishing attempts.
Currently Being ModeratedDec 22, 2013 4:49 PM (in response to Johnathan Burger)
Thanks for the responses. Really appreciate it! It would seem the likely cause is my desktop computer which runs windows - however I do have quite good anti-everything on it but might have to investigate more.
I forgot to mention - I'm generally not as clueless as to click on a scam email. Even though the ones I'm getting are I'm 99% sure legit from apple. Either way after my password has been reset (which I know is legit because the actual 'sign in to your Apple ID' box pops up on my ipad and iphone) I go to the apple website externally to change the pw again.
However I am clueless as to know what two factor authentication is. Could someone explains this please?
Currently Being ModeratedDec 22, 2013 5:00 PM (in response to markbar888)
Here's Apple's explanation: https://support.apple.com/kb/HT5570
Basically, when you sign in to your Apple ID Apple sends a code via iMessage or SMS to your phone or other device that you must enter before the password is accepted. If you don't enter one or enter the wrong one the login fails. After you enable it you no longer need to remember security questions, either.
The downside to two factor authentication is that Apple support is no longer able to reset your password. In other words, you take full responsibility for managing your account and access.
A lot of other businesses are now offering two factor authentication, including Google and most large banks.
Currently Being ModeratedDec 23, 2013 4:08 AM (in response to markbar888)
If you are receiving e-mail messages that indicate that someone is trying to reset your Apple ID password, they may be phishing scams. Do not click any links in those e-mail messages, and if you make the mistake of doing so, do not provide your current Apple ID password on the page you are directed to.
Unfortunately, in this case, there's nothing to be done except treat those messages the same way you would any other spam.
The other possibility is that someone is actually trying to reset your Apple ID password. This may be due to a malicious attack, but more likely, it's just someone who thinks your Apple ID is actually theirs (due to a typo, faulty memory or something similar) and is trying to "regain" access. In any case, this is merely an annoyance, but you can put an end to it by enabling two-factor authentication on your Apple ID. This will require an additional piece of information that only you will possess in order to even start the password reset process.
If you are actually seeing your password getting changed, and are having to reset it yourself to regain access, you are being hacked. This could be because your password is not strong enough to withstand a brute-force attack by a botnet. It could also be because the attacker already has access to your e-mail address, and is able to intercept the reset e-mail and complete the reset process. Because of that danger, you should change the password for the e-mail account associated with your Apple ID. You should also change the password for your Apple ID, making sure that it is a strong password, and enable two-factor authentication as mentioned above.