If your iPhone has been lost or stolen, Apple allows users to lock it down. This means that the thief won’t be able to access your phone or even factory wipe it unless they have access to your Apple ID details. Unfortunately, it seems that thieves have gotten smarter and have found new ways to trick users into unlocking their devices for them.
In a report from India Today, it tells the story of someone calling themselves Vedant who had lost their iPhone 12. They went through the usual motions of using “Find My” to locate the device as well as to lock it. After a few days, it was assumed that all was lost until they received an SMS claiming that the phone had been found and that they had to click a link to display its location.
The link itself looks suspicious to anyone who might be slightly aware of how phishing scams work, but since it contained words like “icloud” and “findmy”, it almost looked legit. Unfortunately for Vedant, they clicked the link and entered their Apple ID credentials, after which they then got an email claiming that the Apple ID was used from another computer.
Upon realizing that this was a trick, Vedant tried to change their password but by then it was too late. The iPhone had been removed from the associated Apple ID account and “Find My” was switched off. While not a particularly sophisticated scam, it does highlight the importance of making sure the links you click are legit.