When a Which? member lost her iPhone, she used the Find My iPhone app to try to locate it. And that’s when she received a very convincing phishing message. Apple confirmed it was a fake email, but would you think to check its authenticity first?
Member Sarah Donaldson told us:
‘My iPhone was stolen recently. Shortly after disabling it with the ‘Find My iPhone’ app, I received a convincing email claiming it had been found. The email correctly listed the model and colour of my phone. It also named the location where it had been discovered, which was near my home. This looked like a genuine Apple email, and the domain was icloud.com. It prompts you to click a link to find the exact location of the phone. I logged onto a live chat with Apple staff, who confirmed this was a phishing message. I’ve since had several similar messages.’
It was extremely unlucky for Sarah’s phone to be found by someone both dishonest and intelligent enough to engineer such a sophisticated phishing attempt.
If she’d clicked the link in this email, it would have prompted her to enter her Apple ID and password.
With these, scammers can access all of the associated personal data, including your payment details. They’d also be able to unlock your phone and sell it as a working device.
The ‘Find My iPhone’ app will boost the chances of your phone being returned, if it’s found by an honest person. It can prevent it from being used by whoever discovers it, and there’s an option to display your contact details on the screen. Unfortunately, these details can open the door for criminals to swindle you a second time with a phishing scam.
Have you fallen for the Find My iPhone phishing email? What happened?