People who have lost their iPhones are receiving fake text messages claiming that their device has been found abroad. The false hope is leading to the removal of Activation Lock and compromised Apple ID credentials, Swiss authorities warn.
The Swiss National Cyber Security Centre (NCSC) has issued an alert about attackers exploiting a highly effective social engineering lure against individuals who have recently lost their iPhones.
Multiple victims reported receiving text messages claiming that their stolen or lost device had been located, months after it went missing. These messages include exact details about the device, such as its model, colour, and storage capacity.
The text messages or iMessages appear to come from Apple and include a link to a phishing page, masquerading as Apple’s “Find My” service. It is designed to show the device’s supposed location and prompts users to sign in with their Apple ID.
“Losing your iPhone is always annoying. Not only is the device gone, but your personal data may also be lost. Once the initial panic has passed, most people are left hoping that someone honest will find it. But if scammers have your phone, they may try to exploit this hope,” NCSC said.
If users enter their credentials on the fake website, they give scammers full control of their accounts.
“The scammers’ real goal is to remove the Activation Lock. This Apple security feature permanently links an iPhone to its owner's Apple ID, rendering the device useless and unsellable to thieves,” NCSC explains.
“As there is no known way to bypass this lock, tricking the owner through social engineering is the only realistic option for criminals.”
It remains a mystery how scammers are obtaining phone numbers from locked devices. One guess is that the SIM cards hadn’t been blocked at the time of the theft or loss. Another possibility is that iPhone owners themselves provide this data to scammers.
When an iPhone is marked as lost, the owner can display a message on the lock screen containing contact details, such as a phone number or email address.
“This can be very helpful if the finder is honest – but in dishonest hands, the same information can be used to launch a targeted phishing attack,” NCSC explains.
The watchdog recommends ignoring such texts and never clicking links in unsolicited messages or entering credentials on the linked websites.
“The most important rule is: Apple will never contact you by text message or email to inform you that a lost device has been found.”
Owners of lost devices can enable Lost Mode via the Find My app on another device or at iCloud.com/find, which locks the device.
“Be careful about which contact details you show on your lost device's lock screen. For example, use a dedicated email address created specifically for this purpose,” NCSC recommends.
Users should also never remove the device from their Apple account, as this disables the Activation Lock.
To prevent criminals from gaining access to the phone number, make sure the SIM card is protected with a PIN.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked