By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    Mobile beasts and where to find them — part one
    8 months ago
    What is Zero-Day Exploit?
    8 months ago
    How to Get Rid of a Virus on Phone? | Android and iPhone
    8 months ago
    Latest News
    Safeguards against firmware signed with stolen MSI keys
    1 day ago
    WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
    1 day ago
    Wordfence Intelligence Weekly WordPress Vulnerability Report (May 15, 2023 to May 21, 2023)
    6 days ago
    Wordfence Firewall Blocks Bizarre Large-Scale XSS Campaign
    1 week ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    What’s included in the ‘Battle of Shadow and Light’ update for Halo 5: Guardians
    8 months ago
    How to fix printer spooler problems on Windows 10
    8 months ago
    How to fix error 0x80004005 starting VirtualBox VM on Windows 10
    8 months ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    4 months ago
    Now you can speed up any video in your browser
    4 months ago
    How to restore access to a file after EFS or view it on another computer?
    4 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    5 months ago
  • How To
    How ToShow More
    What is two-factor authentication | Kaspersky official blog
    2 days ago
    Acer refreshes Windows 11 PCs for work and play: Swift Edge 16 and Predator Triton 16
    4 days ago
    NVIDIA GeForce RTX 4080 New Mercury Editions of Razer Blade 16 and Blade 18 now available
    4 days ago
    How Oxy uses hooks for maximum extensibility
    How Oxy uses hooks for maximum extensibility
    5 days ago
    The personal threat landscape: securing yourself smartly
    5 days ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    The dream of a designer and web developer
    7 months ago
    Google Drive Public File Search
    8 months ago
    Chrome Tab Preview
    8 months ago
    Latest News
    How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
    2 days ago
    How to enable Taskbar End Task option to close apps on Windows 11
    2 days ago
    How to check USB4 devices specs from Settings on Windows 11
    2 days ago
    How to enable new header UI for File Explorer on Windows 11
    1 week ago
  • Glossary
  • My Bookmarks
Reading: How my iPhone got double-stolen
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
Threats

How my iPhone got double-stolen

Tom Grant
Last updated: 7 October
Tom Grant 8 months ago
Share
8 Min Read

The place: Moscow, Russia. The time: Five minutes into the Russia–Spain World Cup match. Scene: Having just entered a bar to cheer on the guys, I had my iPhone stolen.

Contents
Psychological phishingWhat could have saved me?

This story wouldn’t be worth a blog mention, were it not for the clever iPhone-stealing tricks employed by the scammers.

Here’s how it played out:

  • 5:00: The match kicks off.
  • 5:01: I enter a crowded bar in the center of Moscow hoping to find a space, all the while clutching my iPhone; I had to let my friend know where she could find me.
  • 5:07: My boyfriend asks me to call my friend, whereupon I realize with horror that I’m phoneless.

My first reaction was to call my phone from a different device. No luck — the ringing cut off after a few seconds. Then it hit me that my iPhone wasn’t just lost; it was stolen. I had no idea how that could have happened: I thought I’d been holding it the whole time, but perhaps I put it in my pocket for a couple of minutes unconsciously. My next move was to look for security and get to know the police officer on duty in the bar. Then a happy thought hit me: the Find My iPhone app — I just needed to enable Lost Mode and trace the missing device.

If someone steals your PIN-locked iPhone, all they can really do is demand ransom for it or sell it for parts. To resell the iPhone as a unit, it must be unlocked. In the case of my iPhone X, that would require either my face or my PIN. What’s more, after several unsuccessful unlock attempts, the iPhone doesn’t allow any more tries for an hour — and after several more, it effectively turns into a pumpkin, Cinderella-style. That’s how Apple does security.

If your iPhone is lost or stolen, the Find My iPhone app helps you get it back. The app is handy because you can use it to lock the device and enable Lost Mode with the message: This iPhone has been lost. Please call me. [phone number] Not only that, you can see the phone on a map (if it wasn’t turned off). We used the app — maybe the attacker would want to ransom the phone or be stupid enough to turn it on?

Psychological phishing

That’s when things started to get interesting. An hour later, the following message was sent to the number specified in my Lost Mode lock-screen note.iCloud FMI notification: Your iPhone X 64GB Space Gray was located on July 01, 2018 at 17:54. The SIM card number has been identified. Follow the link to view the iPhone's geolocation. The most recent location of your iPhone and information about the owner of the installed SIM card will be available within 24 hours. Copyright 2018 Apple Inc.

iCloud FMI notification: Your iPhone X 64GB Space Gray was located on July 01, 2018 at 17:54. The SIM card number has been identified. Follow the link to view the iPhone’s geolocation. The most recent location of your iPhone and information about the owner of the installed SIM card will be available within 24 hours. Copyright 2018 Apple Inc.

Take a close look. Anything strikes you as odd? A few things should: The site URL isn’t an official one; companies don’t usually mention copyright in an SMS message; and, come to think of it, why would Apple send a text instead of a notification in the Find My iPhone app? In other words, it’s phishing, but rather skillfully done. The cybercriminals clearly know what they are doing: The message is sent right when the victim is frantically trying to recover the lost device, stressed and psychologically vulnerable.

I’ll admit it: That’s how I was feeling. Yes, I work at Kaspersky Lab, and phishing incidents are routine for me. Yes, I write every day about the latest cybertricks and scams. But at that moment I was panicked and grasping at any opportunity to get my phone back, not really thinking about what I was doing. When the ill-fated SMS arrived on my boyfriend’s phone (his was the contact number specified), we were at the police station. A report was already filed, and the police were ready to help. If I could give them information about the phone’s location, that would greatly improve our chances of getting it back.

So I tapped the link without thinking, saw the familiar iCloud interface, and entered my login and password. The first attempt produced an incorrect password message. I tried again, no luck. The password was etched in my brain, and there was no way I could have made a mistake twice.

I went back to the Find My iPhone app, logged into my account without any trouble, and…my phone wasn’t there. It had simply vanished from the map and the list of devices. Then I took another look at the incoming message and realized what had happened.

The phishing SMS had lured me onto a fake iCloud site, where I had handed my credentials to the cybercriminals. Armed with this data, they had immediately disabled the search function on my device. Through iCloud, they could also erase all of the information on it (all they needed were the iCloud login and password I had just given them). After a hard reset, they would have a practically clean iPhone X that could be assigned a new PIN and resold for a tidy sum.

Of course, I changed my iCloud password immediately, but it was too late. I had lost both my phone and any hope of retrieving it. According to Apple support, the Find My iPhone app is the only way to trace a missing gadget, and if it’s disabled, the device ain’t coming back.

What could have saved me?

  • Obviously, if I hadn’t clicked on the phishing link or hadn’t entered my credentials, the scheme would not have worked. But, as my case shows, no one is immune: I know about all kinds of fraud, yet I swallowed the bait.
  • Two-factor authentication for iCloud would have saved me even if I had fallen for the phishing trick. Yes, I’d still have given the scammers my login and password, but they would not have been able to use them — they’d have needed another of my devices to receive the authentication code. The moral of the story: Enable two-factor authentication everywhere you can.

Source: kaspersky.com

Translate this article

TAGGED: Authentication, Phishing, PoC, SASE, Security, Threats
Tom Grant October 7, 2022 October 7, 2022
Share this Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

Safeguards against firmware signed with stolen MSI keys
Threats 1 day ago
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
Wordpress Threats 1 day ago
How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
News 2 days ago
How to enable Taskbar End Task option to close apps on Windows 11
News 2 days ago
How to check USB4 devices specs from Settings on Windows 11
News 2 days ago

Recent Posts

  • Safeguards against firmware signed with stolen MSI keys
  • WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
  • How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
  • How to enable Taskbar End Task option to close apps on Windows 11
  • How to check USB4 devices specs from Settings on Windows 11

You Might Also Like

Threats

Safeguards against firmware signed with stolen MSI keys

1 day ago
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
Wordpress Threats

WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin

1 day ago
News

How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11

2 days ago
News

How to check USB4 devices specs from Settings on Windows 11

2 days ago
Show More

Related stories

How to Use Cloudflare to Secure Your WordPress Site
How To Starting Chrome from the command line
How to fix error 0x80070057 in Chrome?
Windows 10 How To Disable Slide to Shutdown
Windows search not working (FIX)
How to watch movies and TV series for free on Kinopoisk?
Previous Next

10 New Stories

What is two-factor authentication | Kaspersky official blog
Acer refreshes Windows 11 PCs for work and play: Swift Edge 16 and Predator Triton 16
NVIDIA GeForce RTX 4080 New Mercury Editions of Razer Blade 16 and Blade 18 now available
How Oxy uses hooks for maximum extensibility
The personal threat landscape: securing yourself smartly
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 15, 2023 to May 21, 2023)
Previous Next
Hot News
Safeguards against firmware signed with stolen MSI keys
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
How to enable Taskbar End Task option to close apps on Windows 11
How to check USB4 devices specs from Settings on Windows 11
10alert.com10alert.com
Follow US

© 10 Alert Network. All Rights Reserved.

  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?