Losing your iPhone can be a nightmare, especially when your device shows up in a far away country two months after it went missing. That is exactly what happen with Twitter user Phillip Caudell, whose iPhone X was stolen from the UK and ended up in Algiers.
Caudell like most iPhone users out there had Find My iPhone enabled on his iOS device and was hoping that it will end up in the hands of a good samaritan who would contact him using the on-screen message, and handover his iPhone. However he had to deal with the opposite when two months after his device went missing he received a text message seemingly from Apple Support. The message read “Your iPhone X Silver 256GB has been found and temporarily connected to iCloud.”
The text message also contained a web link that the message claimed will allow Caudell to view the current location of his iPhone. When the link was clicked it opened a very Apple-style webpage asking the user to enter his Apple ID username and password. The website even had a convincing ‘Apple-Map.com’ domain name to make the whole thing seem legitimate.
Nearly 2 months later my stolen iPhone has shown up in Algiers! It’s locked with a message saying to call me if found, but instead the thieves used my number to send a fake iCloud login (so they can unlock it). Clever – wonder how many people fall for this? pic.twitter.com/tkZ4HLE8Gj
— Phillip Caudell (@phillipcaudell) July 22, 2019
Turns out the whole message and the website it was pointing to was fake and set up by the people who stole Caudell’s iPhone. Since the iPhone in question had iCloud Activation Lock and could only be unlocked with Caudell’s username and password, the thieves used the Phone number that was being displayed on the locked device and sent a text to the device’s owner posing as Apple. Had Caudell entered his Apple ID details on the fake website, the thieves would have received the information and used the account details to finally unlock the iPhone. It was clever thinking by Caudell who didn’t fell for the phishing attack and stopped short of sharing his Apple ID details.
The whole story is pretty bizarre and shows how tech-savvy iPhone thieves have become, since sending a fake message that shows appears as it was sent by ‘Apple’ and setting up fake site requires considerable tech knowhow, something you would not expect from your everyday thieves. Also, the fact that it is worth it for these thieves to set up such as an elaborate phishing attack suggests that they deal with a large number of stolen iPhones and Caudell was just one of the many victims that they target on a daily basis. This is also apparent by other users who have responded to Caudell’s tweet, with many saying they fell for the same phishing attack and ended up giving away their Apple ID details to people who stole their iPhones.
The lesson here is that you should always keep Find My iPhone enabled on your iPhone (Settings > Apple ID > iCloud > Find My iPhone) and always make sure to find out about the origins of a text message before responding to it. You should also make sure you verify if a website you are on actually belongs to Apple or any other company whose products you use first before sharing your personal details on it.