Beware: Sophisticated Phishing Scams Target iPhone Owners with Lost Devices
A new wave of phishing attacks is preying on iPhone users who have lost their devices, exploiting their desire to recover them to steal Apple ID credentials. The Swiss National Cyber Security Centre (NCSC) has reported multiple incidents where victims received messages claiming their missing iPhones had been found, often in foreign countries, sometimes months after the devices were lost. ([cyberwarzone.com](https://cyberwarzone.com/2025/11/10/swiss-ncsc-warns-of-iphone-phishing-scams-after-device-loss/?utm_source=openai))
How the Scam Operates
Victims receive text messages or iMessages that appear to be from Apple, stating that their lost iPhone has been located. These messages often include specific details about the device, such as model, color, and storage capacity, making them seem legitimate. The message contains a link purportedly showing the device’s current location. However, clicking this link redirects the user to a fraudulent website designed to mimic Apple’s official login page. When victims enter their Apple ID and password on this phishing page, they unknowingly provide scammers with full access to their accounts. ([cyberwarzone.com](https://cyberwarzone.com/2025/11/10/swiss-ncsc-warns-of-iphone-phishing-scams-after-device-loss/?utm_source=openai))
The Objective: Bypassing Activation Lock
The primary goal of these phishing campaigns is to disable Apple’s Activation Lock, a security feature that permanently links an iPhone to its owner’s Apple ID. This lock renders stolen devices useless and unsellable, as there is no known technical method to bypass it. Consequently, scammers resort to social engineering tactics to trick users into providing their credentials, enabling them to unlock and resell stolen iPhones. ([cyberwarzone.com](https://cyberwarzone.com/2025/11/10/swiss-ncsc-warns-of-iphone-phishing-scams-after-device-loss/?utm_source=openai))
How Scammers Obtain Contact Information
One challenge for scammers is obtaining the phone number associated with a locked device. While the exact methods remain unclear, security researchers suggest two main approaches:
1. Accessing the SIM Card: If the SIM card in the stolen phone hasn’t been blocked, attackers can retrieve the phone number directly from it.
2. Exploiting the ‘Find My’ Feature: Apple’s ‘Find My’ feature allows owners to display a message on the lock screen with contact details, such as phone numbers or email addresses, for honest finders to reach them. Unfortunately, this feature can be exploited by criminals to gather the necessary information to launch targeted phishing attacks. ([cyberwarzone.com](https://cyberwarzone.com/2025/11/10/swiss-ncsc-warns-of-iphone-phishing-scams-after-device-loss/?utm_source=openai))
Protecting Yourself from Phishing Scams
To safeguard against such phishing attacks, consider the following measures:
– Be Skeptical of Unsolicited Messages: Apple does not contact users via SMS or email regarding lost devices. If you receive a message claiming your device has been found, do not click on any links or provide personal information.
– Verify Through Official Channels: If you receive a notification about a found device, verify its authenticity by logging into your Apple account through the official website or contacting Apple Support directly.
– Enable Two-Factor Authentication (2FA): Adding an extra layer of security to your Apple ID can help prevent unauthorized access, even if your credentials are compromised.
– Use a Dedicated Contact Method: When setting up the ‘Find My’ feature, consider using a dedicated email address or phone number that you don’t use for other purposes. This can help prevent scammers from obtaining your primary contact information.
– Protect Your SIM Card: Set a PIN for your SIM card to prevent unauthorized access to your phone number if your device is lost or stolen.
What to Do If You’ve Been Targeted
If you suspect you’ve fallen victim to such a phishing scam:
1. Change Your Apple ID Password Immediately: This will prevent further unauthorized access to your account.
2. Enable Two-Factor Authentication: If you haven’t already, set up 2FA to add an extra layer of security.
3. Monitor Your Account for Suspicious Activity: Keep an eye on your Apple account and associated services for any unauthorized changes or activities.
4. Report the Phishing Attempt: Forward the suspicious message to [email protected] and inform Apple Support.
5. Inform Your Mobile Carrier: Notify your carrier about the incident, especially if your SIM card may have been compromised.
Staying Vigilant
As phishing tactics become more sophisticated, it’s crucial to remain vigilant and informed. Regularly updating your knowledge about potential threats and adopting best practices for online security can significantly reduce the risk of falling victim to such scams.
