Posted in

New iPhone Phishing Scam Exploits Lost Device Owners

by Rakesh0

Cybercriminals have launched a new phishing campaign targeting iPhone owners who have lost their devices, exploiting their hope of recovery to steal Apple ID credentials. The National Cyber Security Centre (NCSC) warns that these scams are becoming increasingly sophisticated and convincing.

How the Scam Works

Victims receive text messages or iMessages claiming their lost iPhone has been found—sometimes months after it went missing. These messages appear to come from Apple and include specific details about the device, such as model, color, and storage capacity, making them look authentic.

The message contains a link that supposedly shows the device’s location. In reality, it redirects to a fake Apple login page designed to steal credentials. Once victims enter their Apple ID and password, scammers gain full control of the account.

Why This Attack Is So Convincing

  • Messages include accurate device details, likely obtained from the stolen phone.
  • The phishing page displays a fake location map, creating urgency and legitimacy.
  • Victims believe they are recovering their device, lowering their guard.

The Goal: Activation Lock Bypass

Apple’s Activation Lock is a powerful security feature that ties an iPhone to its owner’s Apple ID, making stolen devices useless. Since there’s no technical way to bypass this lock, criminals rely on social engineering to trick owners into revealing their credentials.

How Attackers Get Your Contact Info

Researchers believe scammers use two main methods:

  1. SIM Card Access – If the SIM card wasn’t blocked after theft, attackers can read the phone number.
  2. Find My Feature Exploitation – Owners often display contact details on the lock screen for honest finders. Criminals use this information to launch targeted phishing attacks.

Signs of a Phishing Attempt

  • Unexpected messages claiming your device was found abroad.
  • Links that do not lead to Apple’s official domain.
  • Requests for Apple ID login on unfamiliar pages.

How to Protect Yourself

  • Never click links in unsolicited messages.
  • Verify the URL before entering credentials (Apple’s official domain is apple.com).
  • Use two-factor authentication for your Apple ID.
  • Report suspicious messages to Apple and NCSC.

Conclusion

This phishing campaign highlights how criminals exploit hope and urgency to bypass strong security measures like Activation Lock. Stay vigilant, verify all recovery messages, and protect your Apple ID with robust security practices.

Subscribe

Leave a Reply

Your email address will not be published. Required fields are marked *