Security Architecture, Cloud Security, Endpoint/Device Security, Endpoint/Device Security, Threat Management, Threat Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Phishing scheme mimics iCloud to activate stolen iPhones

Malwarebytes' researchers spotted what they consider to be an “elaborate” phishing scheme used to activate stolen iPhones.

An iPhone user posted on Macrumors that after her iPhone was stolen she activated the device's Lost Mode to lock it down. She then received a message alerting her that the phone had been located, according to a January 28 Malwarebytes post.

The message prompted the victim to verify her Apple ID on what turned out to be a phony website that mimicked Apple's official iCloud login page. No security warning was given and the victim's information went directly to the thieves, the post said.

"The trick is clever and not many people would suspect this is a fraudulent website. Add to this the euphoria of knowing your precious phone was allegedly found, and proceeding to enter your Apple ID and password seems like a no brainer," Malwarebytes wrote.

Apple has been notified.


Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.