A clever trick thieves use to disable Find My and unlock stolen iPhones

Losing or stealing your iPhone can be a big problem, but getting your Apple ID and stealing your password eliminates the last chance to access and restore the device. The iPhone and opened it in a deceptive way, let's get to know the story so that you are not the next victim.

What's the story

The iPhone of an Indian named “Vedant Khandoja” was kidnapped while he was waiting on the side of the road and using the device, of course smartphone theft has become common, but usually thieves avoid iPhones because they are of great use with Find My feature, but what happened With Khandoja it was an extraordinary theft because the people who hijacked his iPhone were not ordinary thieves as they did a phishing attack to steal his Apple ID and password but how did it happen.

Vidant recounted his ordeal on Twitter, urging others to be aware of the types of attacks that can be used to extract sensitive information from users and revealing that the first thing he did after losing his iPhone was to log in with his MacBook and open the Find My app with an Apple ID. In trying to find out where the device is, it is important to note that only if you enable Find My on your iPhone, will you be able to check its location via Find My website.

However, he was told that the iPhone was not connected to the Internet and the system could not get the exact location of the device so he marked his iPhone as lost and reported to the authorities and stopped his SIM card, and when you change the device status to “Lost Mode” It is turned off, so no one will be able to access the data inside the device even after turning it on, and a confirmation email is also sent to your Apple ID email address.

What happens after the iPhone is stolen?

After a while, Khanduja received a message on his number saying, “The lost iPhone 12 has been found and has been temporarily turned on. Show site” and next to the message was an iCloud link.

From the picture, you can realize that the link is designed in a way that suggests to you that it is from Apple, as it includes a number of words that refer to Apple sites such as “i-cloud” and “find my”, and this matter may deceive anyone into believing that the message was sent from Apple Of course, he did not notice that he remembered that the official company link was the following https://www.icloud.com/find It is not in the picture.

Of course, Khanduja quickly clicked on the fake link in the hope of finding out the location of the device, and the site showed an area near it, but he was asked to log into his iCloud account immediately after seeing the location of the device and here he entered his Apple ID and password and a minute later Just one of those entering those details, he received an email notification that his Apple ID had been accessed from a Windows computer and here he realized he had fallen for the trap and hurriedly changed his password and removed the Windows device from his Apple ID But hey, it's too late as his already stolen iPhone has been removed from his Apple ID and the Find my service has also been turned off.

what happened

The fake link was from the thief who was in possession of the victim's iPhone and was able to use the Apple ID credentials to disable Find My on the device. And he was able to send the message with the fake link to him and you can also notice that the thief sent a two-factor authentication message as if by Apple, which is another sign that the thief was not an amateur but a professional person who weaves his threads like a spider to stop his prey and with Find My disabled, the iPhone can be erased and set it up as a new device using anyone's Apple ID as if they were legally purchased.

The real point of this story is to check and double-check the links before trying to open them so you're not the next victim and consider using a password manager that will alert you if you're entering the details somewhere other than the one you saved them from.

And another point you have to activate two-factor authentication on your account so that knowing the password is not enough to enter the account.

Have you experienced this kind of fraud, tell us in the comments

Source:

longing for high January 1, 2023 9:34 PM

I don't know if this is what happened to me recently. My mother's phone was stolen and we marked it as lost, and I put my number in lost mode. We were able to track the phone from her other phone. But I received a message and the sender was Apple, so I didn't suspect the links even though they seemed strange. Some of them didn't open, and one of them opened and asked to log in, and since we didn't remember the password, we changed it through iCloud, I think. Immediately after that, the iPhone disappeared from the Find My iPhone service. Later, I noticed in the mail that there were messages indicating that I had been logged in, but I thought it was me because I had logged into the account from my computer. I didn't receive a notification that the Find My iPhone service was disabled. Isn't it supposed to receive a notification that it was disabled and lost mode was disabled? The account has two-step authentication, but I don't remember receiving the verification code. Does this rule out the hack? Are there other reasons for the device to disappear from the Find My iPhone service? The problem is that we are traveling, and the police did not cooperate as they should. If the device was hacked, can it be accessed via the IMEI if another SIM card is inserted into it? If there is anything useful, please let me know, thank you. The device is 13 Pro.

🇧🇷

Blog administrator January 2, 2023 4:06 PM

My brother, this is your device with the thieves. He opened the device and turned off the Find My Phone feature. The phone asked him for the password for the account, and you provided it to them via the link that was sent to you.
So no need to authenticate, because it's your phone, authentication only takes place if the phone changes. The mistake you made is entering from the links that were sent to you.
We ask God to compensate you, and in all cases you would not have been able to answer your phone from a professional gang like this.

longing for high January 2, 2023 4:12 PM

The phone was marked as lost. It has the unlock password. So I think that the process was through a computer, as in the article, to disable the loss mode?

Ferrite November 19, 2021 9:40 AM

Great article, thank you

🇧🇷

Muhammad Hersh November 18, 2021 2:30 PM

Cafe Argana-1

🇧🇷

nawaf November 17, 2021 11:55 PM

Thanks for the great article and sharing

🇧🇷

Abdullah November 17, 2021 4:43 AM

In the number of brothers they have a strange kind of questions! Doubting everything without taking the lesson from the article!
Detective Conan has a great influence (:

🇧🇷

samir November 16, 2021 10:56 AM

If the SIM card belongs to the thief, how could he send a text message to the victim?

🇧🇷

Red November 15, 2021 10:57 PM

Thieves are fools. When they steal the mobile, they are supposed to take the finger of his companions with him, open it with the fingerprint, and not take a picture of him, and open the mobile with it, and the process is over...

🇧🇷

Red November 15, 2021 10:54 PM

This is a really profitable project for graduates of the College of Technology, and they say that our country has no job... ha ha ha

🇧🇷

Ahmed November 15, 2021 10:24 PM

Thank you so much
very valuable topic

🇧🇷

Red November 15, 2021 10:13 PM

A third-class Indian movie, all this technology to steal an iPhone, they spent on this theft the price of buying four iPhones to steal one phone, what a stupidity...

🇧🇷

Ahmad ali November 15, 2021 10:49 PM

Remember that phone theft is a profession that thieves often take in a network of several individuals to collect as much money as possible. The thief does not steal only one phone, if we assume that he steals 4 iPhone 12 phones in one week and not in one day (so as not to exaggerate), after his crime is committed and he wipes the phone settings as if he is a new phone and sells the four phones for $ 500 each at least In the black market, the perpetrator (who may be just a teenager who did not exceed high school) puts 2000 dollars in his pocket easily, which is a very large amount in India in one week.

Ali Hussein Al-Mirfadi November 15, 2021 9:55 PM

Ok, it means that I gave the code, and no, how because Apple sends the code to him, does this mean that this Indian gave the code to verify the two-factor authentication

🇧🇷

iMuflh November 15, 2021 9:51 PM

🤣🤣🤣🤣

By God, the thief is smart and I like it.

🇧🇷

Breezes November 15, 2021 9:46 PM

Opening fake links is the reason

🇧🇷

Ayman Churbaji November 15, 2021 8:15 PM

💐❤️❤️❤️

🇧🇷

Badr Albadr November 15, 2021 7:21 PM

This I did not understand
(((And consider using a password manager that will alert you if you are entering details on a site other than the one you saved them from)))
What is a word manager? is it a program?

🇧🇷

Ali Hussein Al-Mirfadi November 15, 2021 6:49 PM

How? How was he able to access the SIM card when you said in the article that it was disabled by the telecom company? Even messages should not have been received. Also, if the SIM card had a code consisting of four to eight numbers, the problem would have been solved. The SIM card cannot be accessed at all.

🇧🇷

iMuflh November 15, 2021 9:53 PM

It means brother Ali, that the stolen SIM was stopped by the owner, and then he extracted a new SIM with the same number from the telecommunications company, and the thief recognized the mobile number and used it to send a text message to the owner

Ibrahim Hassan November 15, 2021 4:46 PM

Indeed, such an incident happened to me, but without stealing my phone. About a year or more ago, a message was sent to my email stating that my account had been hacked and applications had been purchased with a Visa (payment card). Because my account does not have a payment card 😂 via Visa, this made me review the message carefully. I found out what actually happened with this person. The image that appeared on the site resembles the Apple site, but with certain differences, such as a plus sign at the top of the page. When you click on it, the options appear. As for the fraudulent site, nothing appears when you click on the sign. Upon reviewing the link, I found it different, so I knew it was a fraud. At that time, Apple announced that some emails had been stolen from the company after its page was hacked.

🇧🇷

HAYTHEM November 15, 2021 3:59 PM

If he has the original box of the device, is it possible to block the device with the “serial number” via Apple?

🇧🇷

Ahmed November 15, 2021 2:52 PM

The other suspicious thing about the story is that the first message was from Microsoft Authenticator, what did Apple enter into Microsoft!!!

🇧🇷

Ihab Jadallah November 15, 2021 1:59 PM

Use the e-sim if available in your country, activate two-factor authentication, and verify all links sent

🇧🇷

Luay Al Sheikh November 15, 2021 1:33 PM

The story may be true, but two points caught my eye about the victim..XNUMX- He did not notice the mobile number from which the message was sent to his mobile..XNUMX- He did not turn off his mobile SIM and this is very important..

Greetings

🇧🇷

Saher Alsmadi November 15, 2021 11:38 PM

He is a writer that he received a message from a number that is not a mobile number,, I mean, a fake number is possible via the computer

Walid November 15, 2021 1:29 PM

Recently, these fake links have spread, and we have to wait and make sure in such cases the address of the link or the phone number from which the link was sent. And it is safe to use two-factor authentication, this number from Apple will cut off the scammers.

🇧🇷

Emerald November 15, 2021 6:25 PM

Touch work is a problem sometimes by mistake open some links

Amir Taha November 15, 2021 1:01 PM

Do you think of me as an Indian or what 😀😀

🇧🇷

A clever trick that thieves use to disable Find My and unlock a stolen iPhone

What's the story

What happens after the iPhone is stolen?

what happened