If your phone is lost (or stolen), you probably feel like you have something to worry about — stolen data, identity theft, and possibly replacing the device itself. However, there’s something else to be wary of: phishing messages claiming your lost device is actually designed to steal your Apple ID credentials.
According to NCSC (Swiss National Cyber Security Center) A new phishing scam takes advantage of lost devices by trying to steal the credentials of users who want them back.
An example of a phishing message says: “We are happy to inform you that your lost iPhone 14 128Gb Midnight has been successfully located. To view the current location of your device, please click the link below. If you have not initiated a lost device report or believe this message was sent in error, please ignore it or contact our support team immediately.”
The message claiming to have the device’s location contains a link that redirects unsuspecting users to a phishing page that mimics the login portal for Apple’s Find My site. It is designed in such a way that potential targets can enter their Apple ID and password and these credentials are then sent to the attackers so that they can take over the account. Their goal, according to the NCSC, is to remove Apple’s Activation Lock, a security feature that links an iPhone to the owner’s Apple ID to prevent others from erasing it and reselling it.
How to stay safe from phishing scams
To avoid falling victim to this and other phishing scams, never click on links in spam or respond to them either. The researchers here also recommend avoiding entering your Apple ID details on any external device. You can ignore any texts that look like these phishing texts, as Apple will not contact customers via SMS or email to report a found device.
Finally, you can protect yourself online by making sure you have one of the best antivirus solutions installed and up to date on all your devices (including mobile) and by making sure it has features like a VPN, a browser that alerts you to suspicious websites, spam alerts, and identity monitoring or identity theft protection features.
If you believe you have been scammed, you can report instances of identity theft to the Federal Trade Commission (FTC) at Identitytheft.gov Also contact the FBI online at IC3.gov. Doing this is a great (and useful) way to prevent others from falling victim to similar scams.
He follows Tom’s Guide to Google News and Add us as a favorite source Get the latest news, analysis and reviews in your feeds.
More from Tom’s guide