MacDirectory magazine is the premiere creative lifestyle magazine for Apple enthusiasts featuring interviews, in-depth tech reviews, Apple news, insights, latest Apple patents, apps, market analysis, entertainment and more.
Issue link: https://digital.macdirectory.com/i/1436922
victim received an SMS text message saying that someone had found his stolen device. The message contained a link that appeared legitimate — it included the words “iCloud” and “Find My”, after all — and that promised to show him the exact location of his missing iPhone. Upon tapping the link, the user was taken to what looked like an Apple login page. As you can probably guess, neither the link nor the login page were actually from Apple — they were sent by the scammers. When the unfortunate user tried to log in, he handed the thieves his Apple ID and password. A few minutes later, he received an email notification (this one really was from Apple) telling him that his Apple ID had been accessed from a Windows computer. He tried to change his password and remove the Windows computer from his list of trusted devices, but it was too late. His iPhone had already been removed from his Apple ID, and Find My had been turned off. iMore breaks down how the scam worked on the attackers’ end: The link was from the person that had the iPhone in their possession and they were able to use the Apple ID credentials to disable Find My on the iPhone. They got [the victim’s] phone number by putting the SIM into a new device and calling themselves. There are different bits of advice that we could offer to help you protect yourself from a scam like this. But we’re just going to focus on one. It’s the same one we give when talking about delivery and order scams around the holidays: Always go directly to the source! If you’re attempting to track an iPhone in Lost Mode, don’t bother trying to figure out if that SMS link is really from Apple or not. Instead, just hop on your computer, fire up your favorite web browser, and type in “iCloud.com”. If the text message was legit, then you’ll see what you’re looking for in your account area. If it wasn’t legit, well, you still don’t have your iPhone … but at least the bad guys can’t unlock it!