
Lost your iPhone? Be on guard for a perfectly-timed Apple ID phishing attack


August 02, 2016


It’s happened to me, and chances are that it’s happened to you too.

When you lose your smartphone you can feel desperate for its safe return. Not only is it often an expensive piece of hardware, but it’s the essential tool that connects you to your online life and keeps you in contact with your friends, work colleagues and family.

But perhaps most important of all – it’s the device that logs you into countless accounts, that you make purchases from, and that you maybe even use for banking online.

Losing a phone isn’t just an inconvenience, it can be a potential stepping stone for having your identity stolen.

So the good news is that modern devices like iPhones come with powerful security features that can not only lock out unauthorised users, but also actually help you remotely wipe or even (if you’re lucky) reunite you with your lost device.

So when Joonas Kiminki lost his iPhone, he did what any sensible chap would do – he marked his device as “lost” with “Find my iPhone”, happy in the knowledge that it would prevent someone else from reactivating his iPhone and that nobody would be able to access his data.

As Kiminki describes in a blog post, a week and a half went past with no report of his iPhone being found.

And then, out of the blue, he received an email saying that it had been discovered.

Source: medium.com

He also received an SMS message.


Good news, right? Cause for celebration?

Well, I hope in the excitement at hearing your iPhone has been found that you wouldn’t do anything rash.

Because clicking on the link would take you to a webpage like this, asking for your Apple ID and password.


Despite initial appearances, that’s not the real iCloud login page.

Kiminki is certain that plenty of people would have been fooled into entering their credentials, handing over their password to the criminals. After all, the timing was ideal – the scammers knew you had lost an iPhone (they had clearly “acquired” it) and chose the perfect moment to dupe you into revealing your login details:

I’m pretty sure many people would have just punched in their apple id and password and only then wondered why the login doesn’t work.

As far as I know, this was the first time I was targeted personally by an attempted identity theft. The scammer did very many things very right and nearly got me to give up my account details. Maybe if I’d read the email before looking at the SMS (in which the strange address was a bit more prominent), they would’ve gotten me.

What strikes me the most is that everything seemed very “right” and professional. The email and the website content looked great, my phone really was an iPhone 6 and they even got the timezone right in the email.

Well done to Kiminki for not falling for the scammers’ trap, and for warning others about how opportunist iPhone thieves are getting more sophisticated in their attempts to make the most money out of the device they have stolen from you.

And don’t forget – you should always use a strong, unique password for your Apple ID, and enable two-step verification.




Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
