24
Feb 17

iPhone Robbers Try to iPhish Victims

In another strange tale from the kinetic-attack-meets-cyberattack department, earlier this week I heard from a loyal reader in Brazil whose wife was recently mugged by three robbers who nabbed her iPhone. Not long after the husband texted the stolen phone — offering to buy back the locked device — he soon began receiving text messages stating the phone had been found. All he had to do to begin the process of retrieving the device was click the texted link and log in to the phishing page mimicking Apple’s site.

applephish

Edu Rabin is a resident of Porto Alegre, the capital and largest city of the Brazilian state of Rio Grande do Sul in southern Brazil. Rabin said three thugs robbed his wife last Saturday in broad daylight. Thankfully, she was unharmed and all they wanted was her iPhone 5s.

Rabin said he then tried to locate the device using the “Find my iPhone” app.

“It was already in a nearby city, where the crime rates are even higher than mine,” Rabin said.

He said he then used his phone to send the robbers a message offering to buy back his wife’s phone.

“I’d sent a message with my phone number saying, ‘Dear mister robber, since you can’t really use the phone, I’m preparing to rebuy it from you. All my best!’ This happened on Saturday. On Sunday, I’d checked again the search app and the phone was still offline and at same place.”

But the following day he began receiving text messages stating that his phone had been recovered.

“On Monday, I’d started to receive SMS messages saying that my iphone had been found and a URL to reach it,” Rabin said. Here’s a screenshot of one of those texts:

buscariphonetext

The link led to a page that looks exactly like the Brazilian version of Apple’s sign-in page, but which is hosted on a site that allows free Web hosting.

fakeapple

Rabin said he didn’t fall for the ruse, but that he imagines the scam would trick quite a few people who have lost their iPhone and are anxious to get it back.

Leave the “icloud” off the end of that texted URL and we can see a phony copy of Apple’s “Find My iPhone” login page that is still live (the hosting provider has been notified):

A "Find my iPhone" phishing page used by the robbers.

A “Find my iPhone” phishing page used by the robbers.

But the scammers didn’t stop there in trying to phish the Apple ID and password for his iPhone account. Rabin said that just two days later, he received an odd, automated call on his mobile.

“It came from a strange number and a voice sounding like Siri or the [Google] Waze voice, informing me that my iPhone had been found and to look for my SMS for more info,” Rabin said. “That’s when I thought I had to tell this story to someone. To me, it really got to another level, connecting the lowest kind of criminals to a high profile one (probably went to school and college) that can buy (or even create) this kind of scam.”

The high cost of smart phones makes mobile device theft a serious problem everywhere in the world, not just Brazil. If you use an Apple device, it’s a good idea to turn on the “Find My iPhone” feature using the Find My iPhone App, so that when or if the device gets lost you can located it by signing into icloud.com/find.

If your Apple device is lost or stolen, check out Apple’s advice on how to manage the loss, depending on the severity of the situation. In Rabin’s case, even though the phone is currently turned off, he has the options to put it in “Lost mode,” “lock it,” or “remotely erase it.” The next time your device is online, these actions will take effect.

Also, try to make a habit of regularly syncing your device to your computer, so that in the event your phone is lost or stolen your data is backed up and you don’t have to worry about remotely wiping important data that may not already be saved locally.

Tags: , , ,

38 comments

  1. If its an ad for Find my iPhone app then its a job well done Brian . Its an old scam page trick and its very Basic ( scam page .hosting .redirect) ,only stupid people will fall for it this days .

    • An ad? You understand that the FindMyIphone App is from Apple and free, right?

      • Nice write-up. Interesting scheme that would fool many people desperate to get back a phone. Ignore the trolls.

    • …only stupid people will fall for it this days”

      – and that is why it is still working, all those scammers and IT junky tools.

      $1.6 million: the average cost of a spear phishing attack..

      APWG report: Phishing surges by 250 percent in Q1 2016.. what about now???

      nough said..

  2. Wow. That is pretty slick…had it worked.

  3. One important thing to do is to disable the SIM card PIN code, it will just block you phone from being located.

    Set a passcode lock and disable PIN code that way when it’s turned on, it will automatically connect over 4G or LTE

    • I don’t quite understand your point. It seems your statements contradict each other.

      • The SIM card passcode is separate from the iPhone passcode. With the SIM passcode locks the phone from accessing cellular service. It doesn’t lock the phone itself. With a locked SIM, the thief can’t remove the sim from a locked phone and use it in a different phone to access the data and calling plan. The phone would have to access wifi to report it’s location with a locked SIM if stolen, however.

    • Unless you have a pay-as-you-go card, this just trades one risk for another, your SIM card could be used for expensive premium services, or for illegal activities. There have also been scams where thiefs used unlocked stolen sims to trick friends and family into wiring funds for “emergencies” .

  4. IRS iTUNE cards (real)

    Lowest form of scum on earth these kind of people but not as low as the miscreant phone scammers in India, Bangladesh and the Philippines

  5. Really? I dont have time to think to guard my property from
    crooks scammmers.
    I avoid using any Apple.
    i dont post my real info anywhere.
    i dont click on strange websites.
    android phone is way better then iphone.
    and this icloud is absalout nonsense- !-!!
    And if someone will be brave enough to scam me
    i will take his head and bang to the walll and he will own me
    10× times more then he steal..or scam !! People who let to steal for their propery they are just loosers !@ be a man and protect yourself. Dont keep your information out. Dont use even your real name when you use internet.
    Be smart and careful and nothing happens.

    • “android phone is way better then iphone”

      LoL. Most Android devices can’t even get security updates.

      • Lol.. cant even get updates… get a Google Nexus 5x (or other models) and you are updated frequently. Dont bother with other Androids, Sony, HTC, etc etc..

        Get with the strength 🙂

    • You do realize that Android could be phished the same way if it’s stolen?
      Android has a locate phone option as well.
      The brand doesn’t matter.
      And you talk quite brave, do you REALLY think you could have beaten up the three guys who robbed the phone at 3 on 1 odds? That’s foolish to do so, one could have a gun or knife too. A phone isn’t worth your life.

    • @olou

      I do love your response – you are a man after my own heart – I so agree with you

  6. Im getting sick to read all about this scams.
    goverment dont do nothing at all they together
    with their fellow freemasons allowing to happening all
    this bs…its anarchy chaos. I dont trust any western banks
    or apple or any companies … its all big scam.
    if someone saing i have to worry about security then
    first place dont allowing to happening this nonsense.

  7. Hi Krebs,

    Please take some time to read Marinho’s research on this regard. You can find it on the following link:

    https://www.linkedin.com/pulse/sin-card-how-criminals-unlocked-stolen-iphone-6s-renato-marinho

    All the best

  8. The phone may have become infected with the iZika virus.

  9. Brian, one needs to notify Apple about that scammy/phishing site and not the Brazilian hosting provider. Most businesses in Brazil are part of the overall corruption in that country. They may very well not care about doing anything about it.

    Here’s the info about reporting it to Apple:
    http://www.apple.com/legal/more-resources/phishing/

  10. Brian, You do not need the Find my iPhone app to use Find my iPhone. It’s an operating system setting; you just turn it on. The app is optional; it allows you to track a lost or stolen iphone from an iOS device in your possession.

    • “It’s an operating system setting; you just turn it on.”

      Well…assuming you have and you’re logged into an iCloud account.

      • Having the Find my iphone app, as Brian suggested, will not allow you to set up Find my iPhone if you are not logged in to iCloud. It also won’t allow you to set up Find my iPhone if you ARE logged in. You still have to turn the feature on in iCloud settings. The app is irrelevant when enabling Find my iPhone.

  11. To read some people’s comments you would believe life is a scam and if we don’t live we can’t be scammed. This may be true, but I prefer living, learning where the pratfalls are and how to avoid them. I will never be able to afford an Apple phone, but I am interested in hearing about issues that can be voided. It may be twisted a bit when someone tries to phish me, but it will come and I may be a little wiser by hearing what others have faced. The smart man learns from his mistakes. The wise man learns from others mistakes, or in this case the mistake he refused to make. Adapted from a quote by Roy H Williams.

  12. Old school flip phones rock! Lost? I can find another at WalMart for $10. I even get to keep my number. At most I lose a month of pre-paid minutes.

  13. The cat and mouse game between phone thieves and anti-theft systems is fascinating, and with phones as valuable as they are will likely continue and escalate.

    A relative had their iPhone stolen in Morocco, and the criminals were resourceful enough to do a password reset to the iCloud account and dig around in the device’s emails (it didn’t have an unlock password…) for a reset notification. Shortly after that, I noticed Apple started requiring a different backup email address for password resets.

    Not very technically advanced, but I wouldn’t be surprised if this is far more commonplace than we know; only a minority will 1) have their iPhone stolen, 2) recognise this for the scam it is, and 3) think it’s notable enough to report to a site like this one. That said, if the phone was locked, I wonder how their phone number was obtained. Siri perhaps?

    It’ll be interesting to see if and how Apple responds, since while criminals have a reasonable chance of socially-engineering stolen phones into working, phone theft will continue (which harms us all).

    • Apple provides all of the tools needed to keep your account secure. It’s up to the user to take advantage of them.

      Here’s a simple test of how secure your phone is: Hold the HOME button down and say “Who owns this phone?” You may be surprised at the result. It’s a feature that can easily be turned off, or even set up with misleading information, but you actually have to do it.

  14. @TJ

    So true! I have no need for a “smart” phone. I understand some people need them for work. Many times they seem to be a stat But for now, my $5(sale a few years ago) Tracfone suits me fine! Also, my home computer is a Chromebook.

  15. I recommend using a backup app as well, I don’t want to advertise any and I don’t know if I’d be allowed to post a certain app neither.
    There are plenty out there tho, many big av companies integrate it nowadays and regardless of your phone’s os, you have another track/delete tool

    • So true, I have basically two things that I can use to protect my phone : Bitdefender app and Google itself. Both come with the same ability.

  16. I find odd that a victim’s husband would contact the thieves to buy back the phone. That’s just inviting the thieves to contact you to scam you. He would have been better off just contacting the police and use the tracking to find it. Failing that, lock it and wipe it.

  17. Interesting article. The cybersecurity company Cyren reported on an almost identical scam back in the Spring of 2016. The story appears in their special report on Phishing. http://pages.cyren.com/201608_Phishing_ThreatReport_LP.html?utm_campaign=2016Q3_PhishingThreatReport&utm_medium=ad_banner&utm_source=resource_center

  18. It’s all about your tolerance. Setup the remote lock/wipe/brick feature if you are unable to afford the loss of the device. If you do not wish to invite additional risk, stick to flip or “burner” phones with prepaid minutes (my parents do this, it saves me a lot of pain as their IT “help desk”).

    Inviting the bad guys to communicate with you seems awkward at the least, potentially even more damaging if you choose to engage them further.

    I also find it ironic people wish to brag about their preferred device. Chances are you use social media from the device and are readily handing over heaps of personal data, willingly. Why argue over which is least/more secure when you give away your data for free?

  19. In Brazil, I’d consider myself EXTREMEMLY lucky if the worse thing to happen to me was a stolen then phished iPhone. Good lord that place is hell on earth. Source: Liveleak

  20. Very interesting article. Desperate people can easily be fouled. By the way, it is very wise to chain the physical robbery with the phish. This way the scammers do not have to artificially creeate a scenario for psychologic pressure – the phisical robbery already did that.

  21. Really an informative and valuable post about iphone robbers..You seem to have a good understanding about it.I will bookmark it and come back for more.