Phishing Awareness/Alert One thread (1/11) My iPhone was snatched this weekend while I was waiting on the street… https://t.co/98NNztbi0Y
— Vedant (@vedantkhanduja) 1636480491000
For those unaware of the iOS 15 update, you’ll still be able to track it if your iPhone is stolen and the thief decides to take it off. One can disable Find My App tracking only by deleting the iCloud account of the iPhone owner. And that’s what the thieves did.
Thieves resorted to phishing scams to steal iCloud login details from users. The user received an SMS claiming that his lost iPhone 12 was found and “Temporarily Turned On”. The SMS also contained a link to track the location. On clicking the link, the user was asked to login to his iCloud account to track the location of his lost iPhone. Little did he know that it was a phishing website and it was used to steal the login credentials of his iCloud account to turn off the tracking feature.
When an iPhone is marked as lost, it is remotely locked with a passcode and you can display a custom message with your phone number on your missing device’s lock screen. Since Custom Messages on a lost iPhone displays a phone number, scammers are now sending an SMS to that phone number with a link to a phishing website that looks exactly like the iCloud website. The SMS will contain a message like: “Your lost iPhone has been found. “Click here to view location” with a link to a phishing website.
The moment you click on this link to view the location of your lost iPhone, a fake iCloud website that looks exactly like the original will open and ask you to login with your iCloud ID and password. This phishing website simply steals your login information and sends it to thieves so that they can unlock and use your lost iPhone. After doing this, there is little chance of getting your iPhone back.
,