An intricate yet worrisome technique for taking over an iPhone and locking its owner out seems to be becoming increasingly common.
According to a recent Wall Street Journal study, some iPhone thieves are taking advantage of a security feature known as the recovery key that makes it almost impossible for owners to retrieve their data, texts, images, and more. A few victims also informed the publication that after the crooks obtained access to their financial applications, their bank accounts were completely emptied.
It’s crucial to remember, though, that this kind of takeover can be difficult to execute. It basically involves a criminal seeing an iPhone user input the passcode—for instance, by peering over their shoulder at a bar or sporting event—or tricking the owner of the device into disclosing the passcode. And that’s all that’s needed before actually stealing the device.
After that, a thief might use the password to modify the Apple ID of the device, disable “Find my iPhone” to prevent location tracking, and reset the recovery key—a complicated 28-digit number meant to shield its owners from cybercriminals.
Apple needs this key in order to assist reset or recover access to an Apple ID, which means that when someone steals it and changes the key, the original owner will not know the new code and will be unable to access the account.
An Apple representative told CNN in a statement, “We sympathize with people who have had this experience and we take all attacks on our users very seriously, no matter how rare. “We work tirelessly every day to protect our users’ accounts and data, and are always investigating additional protections against emerging threats like this one.”
Apple issues a warning on its website: “you’re responsible for maintaining access to your trusted devices and your recovery key. If you lose both of these items, you could be locked out of your account permanently.”
According to Jeff Pollard, vice president and principal analyst at Forrester Research, the business has to provide “ways for Apple users to authenticate so they can reset these settings” in addition to more customer service choices.
However, there are a few actions consumers may do right now to perhaps safeguard themselves against experiencing this.
The first step is to guard the passcode carefully.
According to an Apple representative who talked with CNN, users may prevent anyone who might be monitoring from learning their passcode by unlocking their phone in public using Face ID or Touch ID.
An extended alphanumeric passcode that is more difficult for hackers to decipher can also be created by users. In addition, users of the device should update the passcode right away if they think someone else may have seen it.
The next step an iphone user can take is to look into a hack that has been making the rounds online but isn’t necessarily approved by Apple.
The Screen Time feature on an iPhone gives parents the ability to place limits on their children’s device usage. One such limitation is the ability to create a backup password that must be entered by any user in order to successfully modify an Apple ID.
If this is enabled, before altering an Apple ID password, a thief would be asked for that backup password.
Lastly, users could secure themselves by routinely backing up their iPhones using iTunes or iCloud, which will allow data recovery in the event that an iPhone is stolen. Meanwhile, users might want to think about putting sensitive files and data, including crucial images, in another cloud service like Dropbox, Google images, Microsoft OneDrive, or Amazon Photos.
Although it won’t prevent a malicious person from accessing the device, this should lessen some of the consequences if that were to occur.