IPHONE thieves have uncovered a new way to break into stolen devices, according to a report.
Crooks are said to be tricking users into handing over their Apple ID in order to bypass settings that lock intruders out of the pricey devices.
If your iPhone is lost or has been stolen, Apple allows you to secure it by remotely activating “Lost Mode” by logging in to iCloud on another gadget.
It ensures that others cannot access your personal information and cannot wipe your mobile by activating a factory reset.
Crooks are constantly on the hunt for new ways to bypass Lost Mode in order to make the most of their stolen goods.
It appears they’ve stumbled upon a new one, according to a report published this week by IndiaToday.
The news magazine tells the story of New Delhi resident Vedant Khanduja who had their iPhone 12 snatched from their hands while waiting at a roadside.
They used Find My – Apple’s tracking app that helps you find lost items – to try to locate their handset and activate Lost Mode.
After a few days, Find My had failed to uncover the iPhone’s location, and Vedant assumed that it was lost for good.
However, they then received an SMS telling them that their gadget had been found (Apple lets you view texts sent to your number on Mac and iPad).
The message said that all Vedant had to do was follow a link to display his phone’s location.
Assuming the text was from Apple, they followed the link and complied with instructions to type in his Apple ID – the credentials used to access iCloud.
Following this misstep, the scam victim received an email notifying them that their Apple ID had been used on another computer.
The message had been a fake sent by the thieves who pinched his iPhone in order to trick him into handing over his credentials.
The crooks then used those credentials to deactivate Lost Mode on the stolen gadget, giving them access to all of his files.
Vedant tried to change their password but by then it was far too late.
Explaining his ordeal on Twitter, he urged users to be aware of attacks that can sneakily extract sensitive information from you.
To avoid so-called phishing scams, experts advise not to click links from people you don’t know and to avoid giving your information to an unsecured site.
If you’re unsure if a message or website is legitimate, it’s best to be on the safe side and avoid interacting with it.
In the UK, you can report a potential phishing message or scam website to the NCSC using the Suspicious Email Reporting Service (SERS).
In other news, Google Chrome users are being warned to delete the browser amid fears highly sensitive data is being harvested.
Facebook has announced that it’s changing its name to “Meta”.
The company is working to create lifelike avatars of its users that they can control in a virtual world called the “metaverse”.
And, Apple’s system that exposes creepy iPhone apps that track your location or snoop on your browsing history has finally arrived.
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at firstname.lastname@example.org