Helpp!! [Suspicious messages after phone was stolen]

kateemirandaa

macrumors newbie
Original poster
Jan 27, 2016
7
0
hey guys i need your help. Last january 13, my phone was stolen while i was on the bus. When i got home, i immediately logged on to find my iphone and put my phone to lost mode and erased it eventually. Because i was so angry i made sure that my phone will not be avtivated by anyone incase they sell my phone but awhile ago i recieved a measage (1st image). I was happy when i recieved a message that my phone was found. Even though i cant retrieve my phone, i got curious. So i open the link. When i openned it, it asked for my app id and password. When i got in, i saw my phone and it was still
Erased. The second time i openned it on find my iphone app it was gone! (2nd picture) I checked the activation status and it was off! (3rd picture) how was that possible!! Please help me what can i do! I dont want them to use my phone I want it to be totally blocked forever!
 

Attachments


noobinator

macrumors 603
Jun 19, 2009
6,413
5,376
Pasadena, CA
I'm not sure how it works so I'm just guessing but when you hit wipe the phone did you enter your ID and PW to confirm the wipe? Maybe this removes activation lock? I really hope this isn't how it works. I understand wanting to wipe it and I'd probably do the same but if it's not wiped there's no way they can get in unless they have your fingerprint, passcode, or apple ID and pw.

Again, I am just speculating but this doesn't look good.
 

darrylcn

macrumors regular
Oct 24, 2015
170
36
Scary thought that might be a dumb question since I've never been through it, but are you sure that wasn't a Phishing attempt that just happened to hit the right user in spite of the low probability? There's some odd punctuation/URL going on in that initial text. Hopefully they didn't get your credentials from the link they sent and then removed the lock using the ID/Password.
 

bransoj

macrumors 6502a
Jul 31, 2013
956
228
Is that address in the first image on the text message a proper Apple web address? Looks a bit suspect to me for some reason. Wondering if that by visiting that site and entering your details its unsuspectingly given your details to someone who has then used the details to remove the activation lock.
 
  • Like
Reactions: Blujelly

noobinator

macrumors 603
Jun 19, 2009
6,413
5,376
Pasadena, CA
Is that address in the first image on the text message a proper Apple web address? Looks a bit suspect to me for some reason. Wondering if that by visiting that site and entering your details its unsuspectingly given your details to someone who has then used the details to remove the activation lock.
Scary thought that might be a dumb question since I've never been through it, but are you sure that wasn't a Phishing attempt that just happened to hit the right user in spite of the low probability? There's some odd punctuation/URL going on in that initial text. Hopefully they didn't get your credentials from the link they sent and then removed the lock using the ID/Password.
Good catch by both of you. That definitely does not look legit.
 
  • Like
Reactions: XTheLancerX

kateemirandaa

macrumors newbie
Original poster
Jan 27, 2016
7
0
Scary thought that might be a dumb question since I've never been through it, but are you sure that wasn't a Phishing attempt that just happened to hit the right user in spite of the low probability? There's some odd punctuation/URL going on in that initial text. Hopefully they didn't get your credentials from the link they sent and then removed the lock using the ID/Password.
I dont know whats got into me. Maybe i just got excited when i read that my phone was found not thinking it might be a trap. Good thing i dont have my credentials there. its just that frustrating that they can now use my phone. im hoping there is a way that i can deactivate it again :(
 

bransoj

macrumors 6502a
Jul 31, 2013
956
228
I'm not sure how it works so I'm just guessing but when you hit wipe the phone did you enter your ID and PW to confirm the wipe? Maybe this removes activation lock? I really hope this isn't how it works. I understand wanting to wipe it and I'd probably do the same but if it's not wiped there's no way they can get in unless they have your fingerprint, passcode, or apple ID and pw.

Again, I am just speculating but this doesn't look good.
Not sure it would be that difficult to send it to the right person...its in blue so iMessage rather than text so could you send the message to the apple id on the phone thats been found and it hits the users new phone or linked iPad etc and then they are duped into thinking its real and give up their details by logging into the fake but well done iCloud website the url links to?

Could be one way a potential ebay type person who offers and unlocking service could try to get the details. Person finds phone, contacts this service, gives them the apple id on the found phone, service sends this message, gets info from dodgy site and then goes through unlock process.

Just guessing mind you!
 

Applejuiced

macrumors Westmere
Apr 16, 2008
40,672
6,404
At the iPhone hacks section.
Congratulations, you got scammed and entered your apple ID, password and other info into a random fishing text message.
I got one of those a few weeks ago too out of the blue asking me to enter all my info, email, address, name, apple id password etc...
I just deleted it.
 
  • Like
Reactions: ABC5S

keysofanxiety

macrumors G3
Nov 23, 2011
9,539
24,713
Oh man, that is not good. Really clever phishing attempt to unlock the phone, but honestly an absolutely horrible thing to be on the receiving end of. My complete sympathies go to you.

I would definitely, definitely report this to Apple -- or even email this thread to Tim Cook, I dunno -- because this is something seemingly new that will definitely crop up more and more in future. A nasty, devious way around the activation lock.
 

Applejuiced

macrumors Westmere
Apr 16, 2008
40,672
6,404
At the iPhone hacks section.
It really breaks my heart :(
You need to be smarter than that next time.
Anyone can text you, email you call you and ask you for your password, credit card info or logins. You just dont do it.
There's tons of fishing scams out there, they even make up websites that look like your paypal account login page or your banks online banking site and ask you to enter your user ID and password.
You need to be more careful than that next time and pay attention.
 

kateemirandaa

macrumors newbie
Original poster
Jan 27, 2016
7
0
Oh man, that is not good. Really clever phishing attempt to unlock the phone, but honestly an absolutely horrible thing to be on the receiving end of. My complete sympathies go to you.

I would definitely, definitely report this to Apple -- or even email this thread to Tim Cook, I dunno -- because this is something seemingly new that will definitely crop up more and more in future. A nasty, devious way around the activation lock.
oh men.. Does apple have the power to deactivate your phone? or shut it down?
 

keysofanxiety

macrumors G3
Nov 23, 2011
9,539
24,713
Congratulations, you got scammed and entered your apple ID, password and other info into a random fishing text message.
I got one of those a few weeks ago too out of the blue asking me to enter all my info, email, address, name, apple id password etc...
I just deleted it.
Oh shush, less of this patronising tone. Can't you read between the lines?

Activation Lock was on, then after they got phished for their Apple ID/Password, Activation Lock was disabled. It's pretty likely that the actual thieves had sent that phishing message. How could they do that? Simple -- send an iMessage to the email address that it said it had been locked by, as the default iOS settings mean you can send & recieve iMessages to email addresses with an Apple ID.

So yes, it is something pretty serious and certainly a scam that will be popping up more and more in future.
 

Applejuiced

macrumors Westmere
Apr 16, 2008
40,672
6,404
At the iPhone hacks section.
oh men.. Does apple have the power to deactivate your phone? or shut it down?
No, you just gave random strangers your apple ID and password. They removed the icloud activation lock. Nothing Apple can do.
Don't worry about that phone any more, its gone and you just released it to be used by anyone.
Worry about your apple ID account, they can go in and change everything, lock you out and purchase stuff. Go in and change that password right now.
 
  • Like
Reactions: pprior

Applejuiced

macrumors Westmere
Apr 16, 2008
40,672
6,404
At the iPhone hacks section.
Oh shush, less of this patronising tone. Can't you read between the lines?

Activation Lock was on, then after they got phished for their Apple ID/Password, Activation Lock was disabled. It's pretty likely that the actual thieves had sent that phishing message. How could they do that? Simple -- send an iMessage to the email address that it said it had been locked by, as the default iOS settings mean you can send & recieve iMessages to email addresses with an Apple ID.

So yes, it is something pretty serious and certainly a scam that will be popping up more and more in future.
People got no common sense nowadays.
I can very well read between the lines, the OP obviously cannot and fell for it.
Anyone can send you phishing messages or emails.
I was just telling her the reality behind her actions, you want to pamper her and give her a hug go for it. It wont make a difference.
She needs to change her passwords asap, she got scammed and her account is compromised.
 
  • Like
Reactions: ABC5S

keysofanxiety

macrumors G3
Nov 23, 2011
9,539
24,713
People got no common sense nowadays.
I can very well read between the lines, the OP obviously cannot and fell for it.
Anyone can send you phishing messages or emails.
I'm not saying it's not something that couldn't have been avoided, but the find.icloud.id.apple email address would certainly look legit at a fleeting glance, and especially if you're worried about your phone then they're just going on people's insecurities and sadness about their phone getting lost. As I'm guessing it was sent by the scammers, it's not any random phishing attempt, but a targeted one -- which isn't as impersonal and random as your Kenyan Prince looking to deposit billions of dollars into your account.

Yeah, this could have been avoided, certainly; I'm not saying it couldn't have. But a trace of sympathy from you certainly couldn't hurt.
 
  • Like
Reactions: BeeGood

kateemirandaa

macrumors newbie
Original poster
Jan 27, 2016
7
0
People got no common sense nowadays.
I can very well read between the lines, the OP obviously cannot and fell for it.
Anyone can send you phishing messages or emails.
I was just telling her the reality behind her actions, you want to pamper her and give her a hug go for it. It wont make a difference.
She needs to change her passwords asap, she got scammed and her account is compromised.
I completely understand you. It was really my fault because it was my first time to experience this. Good thing they cant get any information on my apple id.
 

BeeGood

macrumors 68000
Sep 15, 2013
1,804
4,940
Lot 23E. Somewhere in Georgia.
It really breaks my heart :(
I'm really sorry you went through that. But at least you had the presence of mind to remote wipe it so they don't get any personal info from you. And like you said, you weren't going to get the phone back anyway. They would have just disassembled it and sold the parts.

Don't forget to change your iCloud password if you haven't done so already. This sucks, but you'll have better days.
 

Applejuiced

macrumors Westmere
Apr 16, 2008
40,672
6,404
At the iPhone hacks section.
I completely understand you. It was really my fault because it was my first time to experience this. Good thing they cant get any information on my apple id.
Be wary from now on so you dont fall for these types of scams any more.
They do have your Apple ID and password, you need to go in right now and change your password and setup 2 step verification for your account.
 

keysofanxiety

macrumors G3
Nov 23, 2011
9,539
24,713
And yep, it's definitely not legit (see screenshot with the bad grammar), but it tries its best to, as the common online banking scams do.

Just really a big warning to everybody reading to keep on your toes with this sort of thing.

Untitled.png
 

BeeGood

macrumors 68000
Sep 15, 2013
1,804
4,940
Lot 23E. Somewhere in Georgia.
People got no common sense nowadays.
I can very well read between the lines, the OP obviously cannot and fell for it.
Anyone can send you phishing messages or emails.
I was just telling her the reality behind her actions, you want to pamper her and give her a hug go for it. It wont make a difference.
She needs to change her passwords asap, she got scammed and her account is compromised.
Jeez man. She knows she messed up. Are you really helping with all this?
 
  • Like
Reactions: keysofanxiety