Generally speaking, the Apple user can find or lock his phone with Find My iPhone function after he lost his iPhone, iPad or Mac. The Find My iPhone can help a user locate and lock the lost device and can play a sound, display information or delete all the data in the device.
This protective function of Apple is very powerful, but the thief is crafty. Recently, there has been a new method of fraud. Although the user uses the Find My iPhone to lock the lost phone, the thief implements "phishing" to the victim by forging the iCloud page and successfully unlock the device.
The fraud process
The "Lost Mode" in the Find My iPhone on IPhone is a very useful function which allows the owner to directly send a text on iCloud to the lost phone - for example, "Hello, my iPhone is lost. Please contact 133xxxxxxxxx. Thanks a lot!" so that the kind person who picks up the phone can know how to contact the owner.
However, the thief can use this phone number to defraud. In this case, the thief sent the following message to the owner's contact number:
"Apple Inc iPad 3G 64GB Gray + (email address) 14:14 PDT Location: [link]."
The link in this message is a "phishing" link that will guide the owner to enter a fake iCloud phishing site which looks very similar to the iCloud interface.
Once the frantic owner input his iCloud user name and password on the fake phishing page, the thief will get this information, and then exit the "Lost Mode" on Apple device and fully take forcible possession of the device.
Generally speaking, the user will be in a restless mood after using the Find My iPhone lost mode to lock the device: on one hand, he feels happy because of "preserving" the phone; on the other hand, he is eager to get the reply from the person picking up the phone. This complex mood is main reason in the above methods why the thief can successfully defraud. A irritable mood often makes a person lose his mind.
Here, FreeBuf reminds that you should remain calm and vigilant after losing an electronic product.