The Find My iPhone setting is a feature from the smartphone developers to help you recover a lost phone without letting anyone steal your data, but as it turns out, it could also create another entryway for scammers to mess with you.
If your phone gets lost and you have the Find My iPhone turned on, you can log on to your iCloud account from any device to find a map of where your iPhone is.
While you’re online, you can also put your phone on Lost Mode to send a message and phone number where you can be reached to whomever has your phone.
As such, if someone sees a phone with a message like “Please call me to return my phone. (080) 123-4567,” that person will know how to reach you.
The problem with this however is if your phone or computer doesn’t already have a passcode, you can create one while you’re fiddling with Lost Mode. This is good if your easy-to-access phone or laptop is in a stranger’s hands, but not if someone else sets it for you.
Any person who has your iCloud username and password can create a new PIN for your phone, even when the phone is right there in your pocket.
Of recent, Mac users have complained that hackers locked them out of their own laptops, with the scammers holding the computer ransom, and asking the owners to send money before they unlock the device.
What makes this even tougher is the fact that it is easy for any hacker to erase your device remotely via your iCloud account. After Lost Mode, the Delete option is next. A hacker can remotely delete everything on your phone or computer with the push of a button.
You’d probably think getting access to your iCloud would take a lot of guess-and-checking from a hacker, but it’s actually not as hard as it sounds. Scammers find passwords through another app or site then pair them up with the associated email address.
So, if you sign in to your iCloud with the same password you use on another site that got breached, you’re making it easy for scammers to weasel their way in.
The likelihood of needing to track a lost phone seems like a bigger issue than the slight chance of getting hacked, but this scam is just one more reminder to be careful with your passwords.
It is best to never repeat a password, especially not one for something as sensitive as your iCloud. Also, be sure each password is strong. Download a password manager to keep track of all of them, and rest easy knowing it will be difficult for any hacker to gain access.
If a scammer gets to lock you out of your iPhone, don’t freak out and send the money. Just step into an Apple store, where employees can help you for free.