Losing or stealing your iPhone can be a big problem, but getting your Apple ID and stealing your password eliminates the last chance to access and restore the device. The iPhone and opened it in a deceptive way, let's get to know the story so that you are not the next victim.
What's the story
The iPhone of an Indian named “Vedant Khandoja” was kidnapped while he was waiting on the side of the road and using the device, of course smartphone theft has become common, but usually thieves avoid iPhones because they are of great use with Find My feature, but what happened With Khandoja it was an extraordinary theft because the people who hijacked his iPhone were not ordinary thieves as they did a phishing attack to steal his Apple ID and password but how did it happen.
Vidant recounted his ordeal on Twitter, urging others to be aware of the types of attacks that can be used to extract sensitive information from users and revealing that the first thing he did after losing his iPhone was to log in with his MacBook and open the Find My app with an Apple ID. In trying to find out where the device is, it is important to note that only if you enable Find My on your iPhone, will you be able to check its location via Find My website.
However, he was told that the iPhone was not connected to the Internet and the system could not get the exact location of the device so he marked his iPhone as lost and reported to the authorities and stopped his SIM card, and when you change the device status to “Lost Mode” It is turned off, so no one will be able to access the data inside the device even after turning it on, and a confirmation email is also sent to your Apple ID email address.
What happens after the iPhone is stolen?
After a while, Khanduja received a message on his number saying, “The lost iPhone 12 has been found and has been temporarily turned on. Show site” and next to the message was an iCloud link.
From the picture, you can realize that the link is designed in a way that suggests to you that it is from Apple, as it includes a number of words that refer to Apple sites such as “i-cloud” and “find my”, and this matter may deceive anyone into believing that the message was sent from Apple Of course, he did not notice that he remembered that the official company link was the following https://www.icloud.com/find It is not in the picture.
Of course, Khanduja quickly clicked on the fake link in the hope of finding out the location of the device, and the site showed an area near it, but he was asked to log into his iCloud account immediately after seeing the location of the device and here he entered his Apple ID and password and a minute later Just one of those entering those details, he received an email notification that his Apple ID had been accessed from a Windows computer and here he realized he had fallen for the trap and hurriedly changed his password and removed the Windows device from his Apple ID But hey, it's too late as his already stolen iPhone has been removed from his Apple ID and the Find my service has also been turned off.
what happened
The fake link was from the thief who was in possession of the victim's iPhone and was able to use the Apple ID credentials to disable Find My on the device. And he was able to send the message with the fake link to him and you can also notice that the thief sent a two-factor authentication message as if by Apple, which is another sign that the thief was not an amateur but a professional person who weaves his threads like a spider to stop his prey and with Find My disabled, the iPhone can be erased and set it up as a new device using anyone's Apple ID as if they were legally purchased.
The real point of this story is to check and double-check the links before trying to open them so you're not the next victim and consider using a password manager that will alert you if you're entering the details somewhere other than the one you saved them from.
And another point you have to activate two-factor authentication on your account so that knowing the password is not enough to enter the account.
Source:
I don't know if this is what happened to me recently. My mother's phone was stolen and we marked it as lost, and I put my number in lost mode. We were able to trace the phone from her other phone. But I received a message and the sender was apple, so I did not doubt the links, even if they looked strange, some of them did not open, and he opened one of them and asked to log in, and because we did not remember the password, we changed it through the iCloud website, I think. Immediately after that, the iPhone disappeared from the Find My iPhone service. Later, I noticed in the mail that there were messages indicating that I was logged in, but I thought it was me because I had logged into the account from my computer. I did not receive a notification that the Find My iPhone service was disabled. Isn't it supposed to receive a notification to disable it and disable Lost Mode? Then the account has a two-step authentication feature, but I don't remember that we have received the authentication code. Does this deny the occurrence of hacking? Are there other reasons why the device has disappeared from the Find My iPhone service? The problem is that we are on a journey, and the police did not cooperate as it should. If the device is hacked, can the device be accessed via the imei if another SIM is placed in it? If there is something useful, please tell me, thank you. The device is 13 Pro.
My brother, this is your device with the thieves. He opened the device and turned off the Find My Phone feature. The phone asked him for the password for the account, and you provided it to them via the link that was sent to you.
So no need to authenticate, because it's your phone, authentication only takes place if the phone changes. The mistake you made is entering from the links that were sent to you.
We ask God to compensate you, and in all cases you would not have been able to answer your phone from a professional gang like this.
The phone was marked as lost. It has the unlock password. So I think that the process was through a computer, as in the article, to disable the loss mode?
Great article, thank you
Cafe Argana-1
Thanks for the great article and sharing
In the number of brothers they have a strange kind of questions! Doubting everything without taking the lesson from the article!
Detective Conan has a great influence (:
If the SIM card belongs to the thief, how could he send a text message to the victim?
Thieves are fools. When they steal the mobile, they are supposed to take the finger of his companions with him, open it with the fingerprint, and not take a picture of him, and open the mobile with it, and the process is over...
This is a really profitable project for graduates of the College of Technology, and they say that our country has no job... ha ha ha
Thank you so much
very valuable topic
A third-class Indian movie, all this technology to steal an iPhone, they spent on this theft the price of buying four iPhones to steal one phone, what a stupidity...
Remember that phone theft is a profession that thieves often take in a network of several individuals to collect as much money as possible. The thief does not steal only one phone, if we assume that he steals 4 iPhone 12 phones in one week and not in one day (so as not to exaggerate), after his crime is committed and he wipes the phone settings as if he is a new phone and sells the four phones for $ 500 each at least In the black market, the perpetrator (who may be just a teenager who did not exceed high school) puts 2000 dollars in his pocket easily, which is a very large amount in India in one week.
Ok, it means that I gave the code, and no, how because Apple sends the code to him, does this mean that this Indian gave the code to verify the two-factor authentication
🤣🤣🤣🤣
By God, the thief is smart and I like it.
Opening fake links is the reason
💐❤️❤️❤️
This I did not understand
(((And consider using a password manager that will alert you if you are entering details somewhere other than the one you saved them from)))
What is a word manager? is it a program?
how? How was he able to access the chip, and you said in the article that it was disabled by the telecom company, so the messages will not receive anything as well, if the chip had a code consisting of four to eight numbers, the problem would have been solved. The chip cannot be accessed at all
It means brother Ali, that the stolen SIM was stopped by the owner, and then he extracted a new SIM with the same number from the telecommunications company, and the thief recognized the mobile number and used it to send a text message to the owner
Indeed, such an incident happened to me, but without my phone being stolen. For a period of about a year or more, a message was sent to my e-mail that my account was hacked and I purchased applications with Visa “payment card” and because my account is without a payment card 😂 Through Visa, this made me review the message well I found what actually happened with this person that the image on the site is similar to the Apple site, but with certain differences, such as the plus sign at the top of the page, when you click on it, the options appear. As for the fraudulent site, nothing appears by clicking on the mark and by reviewing the link, I found it different, so I knew that it was a fraud and at that time it was Apple announced that some emails were stolen from the company after its page was hacked
If he has the original box of the device, is it possible to block the device with the “serial number” via Apple?
The other suspicious thing about the story is that the first message was from Microsoft Authenticator, what did Apple enter into Microsoft!!!
Use the e-sim if available in your country, activate two-factor authentication, and verify all links sent
The story may be true, but two points caught my eye about the victim..XNUMX- He did not notice the mobile number from which the message was sent to his mobile..XNUMX- He did not turn off his mobile SIM and this is very important..
Greetings
He is a writer that he received a message from a number that is not a mobile number,, I mean, a fake number is possible via the computer
Recently, these fake links have spread, and we have to wait and make sure in such cases the address of the link or the phone number from which the link was sent. And it is safe to use two-factor authentication, this number from Apple will cut off the scammers.
Touch work is a problem sometimes by mistake open some links
Do you think of me as an Indian or what 😀😀