Serious warning: iPhone users could be vulnerable to a device-locking attack.

iPhone users are facing a cyberattack targeting their Apple ID.

A recently published report states that 1.46 billion active iPhone users worldwide are facing a cyberattack targeting their Apple ID, according to Phonearena.

The attackers used a phishing campaign by sending emails and messages designed to look like they were sent by Apple. These fake emails and SMS messages try to get victims to click on links to read important notifications about iCloud.

Security company Symantec, USA, discovered links leading to fake websites asking recipients to reveal their Apple ID numbers. Note that the fake website has a Captcha code to look like a reputable website.

This request may be disguised with phrases that make the information seem so urgent that it must be delivered immediately, which is completely false. Apple recommends that iPhone owners enable two-factor authentication to add an extra layer of security to their Apple ID. To access your Apple account using 2-factor authentication, users will receive an SMS message with a special one-time six-digit code used to access the Apple account.

When bad guys gain the right to change a user's Apple ID and password, their iPhone device may be locked in use, bad guys can get information to open banking and financial applications, change password and withdraw all your assets in the blink of an eye. With two-factor authentication, you can still lock out attackers so they can't change your Apple ID password.

To turn on two-factor authentication for your Apple ID on iPhone, go to Settings > Username > Sign in & Security. Tap Turn on Two-Factor Authentication then tap Continue. Enter a trusted phone number, which will be used for Apple to send you a six-digit authentication code, then tap Next. Then, a code will be sent to the phone number that the user just registered.

Symantec said it issued this warning previously on July 2. "These credentials are valuable, providing control over devices, access to personal and financial information, and potential revenue streams through transactions," the company said. In addition, Apple's strong brand reputation makes it easier for users to trust fraudulent communications that appear to come from Apple. the attractiveness of these targets to cybercriminals".

If you receive an email or text from Apple, make sure not to click on any links. And don't forget to use the instructions mentioned above to add 2-factor authentication to your Apple ID.