Hackers can access iCloud-locked iPhones using fake receipts and phishing kits

Hackers, Thieves, and Repair Shops Access iCloud-Locked iPhones, Hereโ€™s How

Hackers, thieves, and repair shops have discovered a new way to bypass the โ€˜Find My iPhoneโ€™ feature on iCloud-locked iPhones so that they can sell stolen or non-stolen devices, according to a report from Motherboard.

For those unaware, โ€œFind my iPhoneโ€ is an app and service from Apple, which lets you locate, lock down or wipe your lost iPhone, iPad, iPod, orย Macbook and requires a password to continue. Apple had introduced this feature in 2013ย to safeguard peopleโ€™s information stored on their iPhones.

In order to keep iPhones secure and make it less valuable targets to would-be thieves, iPhones can be associated only to one iCloud account at a time. This means that the hackers and thieves need to figure a way out to remove the iCloud account from the iPhone in order to sell the stolen device to someone else or for someone new to use it. The iCloud account can only be removed by entering the Apple ID password.

โ€œThe iCloud security feature has likely cut down on the number of iPhones that have been stolen, but enterprising criminals have found ways to remove iCloud in order to resell devices. To do this, they phish the phoneโ€™s original owners, or scam employees at Apple Stores, which have the ability to override iCloud locks. Thieves, coders, and hackers participate in an underground industry designed to remove a userโ€™s iCloud account from a phone so that they can then be resold,โ€ according to Motherboard.

In order to get into iCloud-locked iPhones, thieves are now producing fake receipts and invoices to fool Appleย into believing that they are the actual owners of the phone. While the tricks include social engineering at Apple Stores, there are also โ€œcustom phishing kits for sale online designed to steal iCloud passwords from a phoneโ€™s original owner,โ€ mentions Motherboard.

Additionally, a few hackers also reprogram stolenย iPhonesย with a new IMEI. Besides this, there are also forums for the hacker community where they share new methods and tips to break into locked iPhones.

Even some unnamed repair companies have become actual customers of companies that illegally reset and reactivate the iCloud-locked iPhone.

โ€œThere are many listings on eBay, Craigslist, and wholesale sites for phones billed as โ€˜iCloud-locked,โ€™ or โ€˜for partsโ€™ or something similar,โ€ addedย Motherboard. โ€œWhile some of these phones are almost certainly stolen, many of them are not. According to three professionals in the independent repair and iPhone refurbishing businesses, used iPhones โ€” including some iCloud-locked devices โ€” are sold in bulk at private โ€˜carrier auctionsโ€™ where companies like T-Mobile, Verizon, Sprint, AT&T, and cell phone insurance providers sell their excess inventory (often through third-party processing companies.)โ€

Basically, in the event your iPhone is stolen or lost, ensure that you change the password of your iCloud account immediately.ย Further, beware of phishing scams and carefully check the addresses or URLs of the websites you visit, especially login pages. It is recommended to keep a unique password not only for your iCloud account but also for every other online account. Also, ensure that you have enabled two-step authentication on your iCloud account.

Subscribe to our newsletter

To be updated with all the latest news

Kavita Iyer
Kavita Iyerhttps://www.techworm.net
An individual, optimist, homemaker, foodie, a die hard cricket fan and most importantly one who believes in Being Human!!!

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Subscribe to our newsletter

To be updated with all the latest news

Read More

Suggested Post