iPhone thieves getting very sophisticated – story inside
My family member left phone in a Lyft over the weekend, put in Lost mode and assumed it was gone as it tracked to the airport and he couldn’t get close enough to hear the ping and then the battery died. Lyft driver claims he didn’t have it.
We put my phone number on the lost mode screen so anyone finding the phone could call me to try and return it.
Radio silence for 3 days, and then I got a phishing attempt over text message with a message claiming:
Your Lost iPhone Xs 256GB Space Gray has been located today
Check location at: lcIoud (edit: full link removed for security reasons in this thread)
The formatting on the iPhone hides the I/L switches.
I didn’t log in as I recognized this quickly as a phishing attempt.
This afternoon, I received a call from 1800-MYAPPLE saying they found our phone and wanted to set up a return to us. They said the iPhone screen had been cracked so we could get it returned and then exchange it, or get a credit for recycling the phone to order a new one. Since the call was directly from Apple Support, I didn’t immediately realize it was a spoofed call from the thief.
I then had them call my family member directly, where things went off the rails. They asked him his preference on returning the device and he asked them to send it to him. They claimed in order to do that, they had to turn off Find my iPhone or they wouldn’t be able to send it with their normal tracking methods (obviously a giant red flag to you or I). They asked for his pin, which he declined to give them (small victory). They then told him if he disassociated his phone from his iCloud account that would suffice. They literally talked him screen by screen to log into his Apple account and remove the phone from his account. Unfortunately, he fell for it and I’m assuming now they can properly wipe his phone (which they couldn’t do while it was tied to his iCloud account). Once he told me their story, I obviously realized this was a spoofed call and not actually from Apple Support.
Next step is police report and to report the theft to AT&T so they can ban the phone from the network.
Any other suggestions/thoughts on how to proceed? Obviously the device is a lost cause at this point. We spoke to Apple Support and she had us change the iCloud password but couldn’t think of a way to re-associate the phone with his iCloud account (so the thief can’t wipe the phone).
Long story but the moral is, if a family member loses their phone, make sure they know even if Apple calls them directly, NEVER give out a pin or password or remove a phone from your account.