Victims of iPhone theft being tricked into unlocking their devices – Criminals luring victims to Fake iCloud login via text messaging.
Seems like the misery of people who lost their iOS devices (iPhones and iPads is far from over. Fake iCloud login web page has been tricking the iPhone theft victims for unlocking their devices especially those who have opted to display contact info on the lost iPhone. Victims are now being contacted by fraudsters in a bid to get their device unlocked.
The Phishing Campaign
A campaign has been identified by Symantec that aims to unlock the stolen iOS devices. These devices require the credentials of the owner’s iCloud account of the passcode of the device to be unlocked. To do this, scammers need to contact the owners and they are doing it by using the information that is displayed on the stolen device.
Apple’s Lost Mode is the Key
Symantec’s Joji Hamada wrote in a blog post that the “Lost Mode” of Apple’s Find My iPhone feature allows users to get a message displayed on their lost device’s screen for instance a phone number.
On that particular number, fraudsters are sending text messages that states:
“Apple Inc. Your iPad Air 3G 64GB Space Gray linked to [email address] has been located today at 14:14 PDT. See location: [link].”
The link takes them to a phishing website that has been designed like a genuine iCloud login page.
After collecting the iCloud’s credentials of the victim, the thief can easily turn-off the “Lost Mode” and can use the device as its owner.
“Owners who are emotionally distressed due to the loss of their iPhone or iPad may easily fall for this scam, as they may be desperate to get their device back,” Hamada informed.
Who Could be Doing this?
There is every possibility that a criminal group is providing this service to thieves trying to unlock stolen devices, says Hamada
“The underground ecosystem always has demands for such a service, and where there is demand, someone typically provides the supply.”