[Long Rant] Stolen iPhone & Hacked Apple ID
This will be an unpopular opinion of Apple and the way my family was treated following a robbery.
On Monday 5/4 my poor 67 year old mother was robbed and the thief took her iPhone XR.
She was smart and immediately went to to her carrier and reported the stolen phone and sim card.
Not even 2 hours after she gets home with her new phone she gets a text from ”Apple” stating that her phone was found and to click on the provided link to recover it. This text was a social engineering attack and my poor non IT savvy mother fell for it. The hyperlink took my mom to this fake iCloud website where it prompted for her apple ID and password. She provided it and the website obviously did not provide her the location of her iPhone or anything relevant.
Fast forward a few minutes and suddenly her iPad is continuously prompting her for her Apple ID and password except that now her password doesn’t work. She checks her email and sees a legitimate notification from Apple that the find my iPhone function is disabled, which means that fellow that stole the device can now do as he pleases with it.
My mother finally calls me very upset and I try to help her by recovering her Apple ID password which turns out to be a great nightmare.
We follow all prompts from iforgot website only to land at a page that requires us to enter a credit card that was used almost 2 years ago to purchase the phone. We obviously no longer have that credit card number and tried to obtained it from several sources unsuccessfully. We also tried the apple support app which also landed us at the credit card number page. We finally call Apple support and they basically tell us to follow the same steps we already followed. We followed these steps every day for 5 straight days. At the end of it if says that we will get a text with further instructions but we never do. We call Apple again and no help. They tell us the same thing… To follow the steps on iforgot or the Apple support app.
Meanwhile the thief has a fresh shiny iPhone with complete access to my mother’s iCloud through her Apple ID. She still has a ton of very valuable pictures in her iCloud backup.
How is it possible that Apple can treat paying customers this way? We have spent several thousand dollars on Apple products over the years!
I know it is not Apples fault that my mother was socially engineered… But it is their fault for not having better processes in place to help customers in these situations.
In my honest opinion Apple is rewarding the thief who is very happily enjoying my mom’s shiny iPhone that I got her for her birthday.
The Thief wins! And Apple doesn’t care.
Please take care of your moms this Mother’s day weekend and make sure that all of you teach your moms (and dads) about social engineering. Also help your loved ones tighten up their id and password security on all systems and devices.
Cheers and sorry for the long Rant. I am just really sad at the moment and wanted to vent!