Technology Smartphones

iPhone Lost Or Stolen? Don't Fall For These Messages Asking You To Unlock It

Masked thief snatching an iPhone XS Donenko Oleksii/Shutterstock
By Tushar Mehta/

Thieves are constantly getting smarter and devising new ways to unlock your iPhone after stealing it. From impersonating Apple to blackmailing you, we discuss what some of these threats look like and why you should never fall for them, no matter how legitimate they seem.

With the massive troves of data — from our private photos and videos to passwords, banking IDs, social security numbers, and other information — on our phones, losing them can be daunting as we risk losing more than just the physical value of the phone — or the sum total of its salvageable parts after being ripped apart. Thieves may not value our private data as much as we do but will hold us for ransom to free up the hardware so it can be resold intact. To these wretches, iPhones appear more lucrative than Android devices, owing to their better resale value, based not only on the iPhone's hardware but also on a sense of superiority associated with blue bubbles in the iMessage app.

iPhones can be trickier for robbers to reclaim because of the safeguards that Apple puts in. Apple's Find My app lets you track a lost or stolen iPhone — even without a SIM card or an internet connection — through a network of Apple devices. You can also mark your device as "Lost," which locks it unless removed from your Apple ID. This requires thieves to force or intimidate you, and here are some examples of how they go about this dirty business.

Impersonating Apple to trick you

Apple Find My on iPhone sdx15/Shutterstock

When you put your iPhone in lost mode, your contact details show up on the lock screen, which thieves can use to contact you. These con artists typically contact you through iMessage or email since it's easier to conceal their real identities.

For example, after losing an iPhone, a person on Reddit received a furry of messages stating that their lost iPhone had been accessed and unlocked and their photo library had been accessed. The messages further suggest they block unauthorized access to their private data by clicking a link with keywords such as "support," "Apple," and "FindMy" — although paying attention reveals it points to a "support-apple.us.com" instead of "apple.com." The link even opens up to an exact replica of the official iCloud login page.

This trusty-dusty technique of phishing, i.e., creating seemingly authentic but actually fake websites, allows scammers to steal credentials. As soon as you log in to the website, the scammers can access your Apple ID and password, bringing them one step closer to unlocking your iPhone. Another example is where scammers use "icloud.us" — another phishing website to steal your Apple ID credentials.

The despair of your iPhone getting lost or stolen can put our rational judgment into a toss, making us desperately click bogus links that seem legitimate. While it goes without saying, you must not click on such links without checking them through dedicated portals like ScamAdviser or IsLegitSite.

Intimidation where trickery doesn't work

Distressed person looking at their iPhone Nosystem Images/Getty Images

Another way iPhone thieves may trick or coerce you into sharing your Apple ID details is by intimidation. Going by the number of posts we see about this topic on online forums such as the iPhone subreddit, the issue is very prevalent, and thieves brazenly harass the victims into disclosing their iCloud passwords or removing the stolen device from Find My.

One of the most common ways robbers extort people whose iPhones have been stolen is by threatening to leak their private media and any information stored on the stolen iPhone. Usual messages may contain threats of selling the iPhone or the data on the black market. These threats are usually backed by claims about jailbreaking the iPhone and shipping it off to another country to access the data or shredding it piece-by-piece to access the storage component inside.

Sometimes, thieves may even take the extreme route of threatening to inflict harm, claiming they know your home address, and sometimes include imagery of weapons. 

A 'Lost' iPhone is basically dead weight

Lost iPhone display message Apple

The objective here is to pressure owners into removing the iPhones from their Apple ID, which can, in turn, allow them to resell the phone. This is because an iPhone marked as Lost will not function normally and will continue to flash a message that reads "Lost iPhone." This remains unchanged, even when you remotely erase the iPhone. So, the only way for these thieves to salvage an iPhone marked as lost is by forcing the owner to remove it from their ID. Therefore, it's important not to succumb to these threats for removing the iPhone from your Apple ID.

You might sometimes receive notifications about your iPhone undergoing a jailbreak process, or it may even show up in another country. But if your iPhone remains marked as Lost, it cannot be traded intact. Scammers mostly craft these messages to initiate a panic-induced removal of the stolen iPhone from your Find My account.

The only real gain for thieves from these stolen iPhones is selling them for a lower price in a gray market where parts such as the screen or camera lens can be used to repair other broken iPhones. Another thing to note is that an iPhone's storage is encrypted by default as long as a passcode is in place. So, it is vital to use your iPhone with a passcode.

What if it's stolen unlocked?

Victim in street phone robbery Jackf/Getty Images

A rather unfortunate scenario is when thieves snoop on you while you enter your passcode or yank your iPhone while it is still unlocked. The Wall Street Journal reported last year how thieves prefer to snatch unlocked iPhones because having access to your phone unlocked — or knowing the passcode — allows them not only to resell the iPhone easily but also empty any bank accounts or credit cards linked to Apple Pay or any other cash app.

In an interview with the WSJ, a thief who claims to have stolen iPhones worth $2 million collectively shared their usual modus operandi. After grabbing the stolen iPhone, they would head to Settings, change the Apple ID password and Face ID, and turn off access to Find My so quickly that the victim wouldn't have any chance to mark the phone as lost. To safeguard it further, thieves add cryptographic security to the Apple ID, further debilitating the owners. Thieves might even pry into your notes to check for additional information related to banking or finance apps.

Turning to Apple for a solution

Stolen Device Protection iOS 17.3 beta Nadeem Sarwar/SlashGear

Apple recently addressed this by adding Stolen Device Protection to iOS 17.3 beta. The feature eliminates the option to unlock your phone using a passcode when you're away from familiar locations, such as your home or work, and requires biometric authentication (Face ID or Touch ID) for changing the passcode or Apple ID password. It adds an intentional delay of an hour for such actions, preventing thieves from changing it instantly. Such delays do not exist if the iPhone is at a familiar location, such as your home or work location.

Stolen Device Protection will be turned on by default when it soon rolls out more widely with the iOS 17.3 stable release. For those running iOS 17.3 beta, turning the feature on is optional, but you can activate it on your iPhone running iOS 17.3 beta by following these steps:

  1. Open Settings and go to Face ID & Passcode.

  2. Turn on Stolen Device Protection

Recommended