Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
You would think apple would want to shut down phishing sites like this. Obviously they don't care.

What? Did you think about that? Apple is not the Internet policeman who can just shut down sites.

There will ALWAYS be sites like this as long as there are people who are willing to fall into the trap!
 
Just ask siri for your contact info from the lock screen & it all shows up inc. address, phone no's, email etc.

I just tried this on my roomate's phone. Siri will give you the person's name but that's it. When you click the contact it asks for the 4 digit passcode. If you ask for your number, she asks for 4 digit passcode. If you ask for your icloud, she directs you to check out apple.com.

I'm thinking the only way would be through the SIM card, but doesn't AT&T pin lock all of their SIM cards?

This is all on an updated 9.2.1 iphone 6S btw (identical to mine).
[doublepost=1457281475][/doublepost]https://www.att.com/esupport/article.html#!/wireless/KM1000485

Found this article from AT&T. I'm going to follow up with them. Seem's like most SIM cards are PIN locked from the store but with a default code (1111)...which is beyond retarded. AT&T should have asked me to change it when I activated the phone in their store.
 
  • Like
Reactions: Vanilla35
I just tried this on my roomate's phone. Siri will give you the person's name but that's it. When you click the contact it asks for the 4 digit passcode. If you ask for your number, she asks for 4 digit passcode. If you ask for your icloud, she directs you to check out apple.com.

I'm thinking the only way would be through the SIM card, but doesn't AT&T pin lock all of their SIM cards?

This is all on an updated 9.2.1 iphone 6S btw (identical to mine).
[doublepost=1457281475][/doublepost]https://www.att.com/esupport/article.html#!/wireless/KM1000485

Found this article from AT&T. I'm going to follow up with them. Seem's like most SIM cards are PIN locked from the store but with a default code (1111)...which is beyond retarded. AT&T should have asked me to change it when I activated the phone in their store.
What did you ask? I just asked something like "who do you belong to?" and it returned my full contact card with phone number and emails and everything. This is while the phone was locked (iPhone 6 with iOS 9.2.1).
 
What did you ask? I just asked something like "who do you belong to?" and it returned my full contact card with phone number and emails and everything. This is while the phone was locked (iPhone 6 with iOS 9.2.1).

Yeah when I ask that. It returns a contact card with only my roomates name on it and picture (I assume because he has himself listed in his contacts). It doesn't reveal that person's actual number or icloud account. Like before if I click the contact card, it prompts for the 4 digit passcode.
[doublepost=1457284133][/doublepost]Not to mention the fact that this stolen phone was in lost mode (via findmyiphone) so Siri would be unavailable without an internet connection. I just tried using Siri with the phone in airplane mode...Siri not available. If the phone was connected to the internet I would have received an notification.
[doublepost=1457284347][/doublepost]I'm now thinking the only way they could have found my contact info is through my SIM card (not sure if it was pin locked from AT&T). I will contact AT&T to see if they can find out for me.
 
Of course it was the SIM card. It's easy to pop the SIM out, put it in another phone, and see the phone number.

There's no security issue here. No contacts are stored on the SIM these days. The only security issue is falling for phishing scams. And that sucks.
 
  • Like
Reactions: ohio.emt
What did you ask? I just asked something like "who do you belong to?" and it returned my full contact card with phone number and emails and everything. This is while the phone was locked (iPhone 6 with iOS 9.2.1).

I'm late to the party.

I was going to say asking "Who do you belong to?" or "Who is your owner?" gives the name and phone number on a locked iPhone.

I found an iPhone 5S at a bar a few weeks ago and asked it who its owner was and got the phone number....quickly realized that information was useless because the phone number was to the phone I was holding. Luckily the bartender knew the girl and where she was so I was able to return it.

IMO since the phone number is typically for the phone in question I can't see a good reason for Siri giving out that information.

Side note...I love keychain via Safari. If I don't get an autofill of information like AppleID I immediately suspect the site to be phishing and research it very thoroughly before entering my information.
 
Yeah when I ask that. It returns a contact card with only my roomates name on it and picture (I assume because he has himself listed in his contacts). It doesn't reveal that person's actual number or icloud account. Like before if I click the contact card, it prompts for the 4 digit passcode.
[doublepost=1457284133][/doublepost]Not to mention the fact that this stolen phone was in lost mode (via findmyiphone) so Siri would be unavailable without an internet connection. I just tried using Siri with the phone in airplane mode...Siri not available. If the phone was connected to the internet I would have received an notification.
[doublepost=1457284347][/doublepost]I'm now thinking the only way they could have found my contact info is through my SIM card (not sure if it was pin locked from AT&T). I will contact AT&T to see if they can find out for me.


If
Short version:

Phone was stolen, iphone was locked when stolen but turned off by thief, findmyiphone set to lost mode with slim chance of retrieving it, 1 week later received iMessage allegedly from Apple Support (I now know it was fraudulent) stating that iphone had been found, please refer to specific location (Link). The link sent me to http://apple.info-app-apple.com/us which was an exact replica of apple's website asking for my appleid/password. Where I unknowingly entered in my appleid/password granting them access to my device (they immediately unlocked/switched the appleid from the stolen iphone) and locked me out of my icloud account. This gave them access to all of my data on my icloud, including contacts, photos, keychain, along with my personal name, address, last 4 credit card digits.



Apple Support has been contacted with all of this information and a case is being handled. But my biggest concern is the huge breach in security that occurred for this situation to have even propagated in the first place. How did these people gain access to my phone number/appleid from a locked/lost mode iphone 6S and then use this information to contact me? Are there not security measures in place to prevent this from happening?

Did you have "Hey Siri" set up to work with your locked screen? On what device did you get the iMessage?
 
Here is the screenshot of the phish site they used. Giving them the account id/password was my mistake but besides the point. They should have never been able to contact me in the first place.

Every time you are sent via a link to a website that looks like apple / paypal / etc but you have some doubts, look for the green lock in Safari.
 

Attachments

  • Screen Shot 2016-03-07 at 01.42.50.png
    Screen Shot 2016-03-07 at 01.42.50.png
    3 MB · Views: 190
  • Like
Reactions: Azzin
Every time you are sent via a link to a website that looks like apple / paypal / etc but you have some doubts, look for the green lock in Safari.
That's part of it, but often enough looking at the address/URL of the site can be a good indicator too.
 
The sad thing is I agree any sim locked or not will be able to tell you it's number it's just knowing how. Sadly you where scammed in to using a fake site I know I see it done the police do it when trying to trace someone on the run they send the family they might think is talking to that person on the run an email and if silly enough they enter they stuff you have clone a phone that's the crap part about iCloud How they get your email well social media maybe? Send a flyer in the post asking for your email so you get 25 pounds free this of that easy tricks a know on the door for a sev. Don't want to upset you but some times you might want to look closer to home. Forgot that Apple ID ? No worries then wipe it and set it up like you just brought it iCloud or not it's the know how. I have done it to my own phone I don't know about the newer iOS if things have been patched now maybe I also done it on Windows PCs passwords again I think there are fixes bios passwords no problems just set the jumpers. Do you kinda get me what I'm saying. No one safe sadly nfc cards people can walk past you bang 30 pounds nicked with out even touching you. If there is a will there is away I'm sorry about your phone.
 
  • Like
Reactions: Vanilla35
Would Apple even send an iMessage to someone to begin with, asking to log in?

.

Of course not.
.
.
.
OP gets phone stolen and assumes Apple did something wrong and blames them when the only dumb move here was on the OP's part logging in to scam site.

Way to go!
 
I just tried it out and it turns out it's extremely easy to get a phone number from the phone's SIM. If you put a SIM in an iPhone (even if inactive), it will tell you the number on the sim in Settings > Phone. I just tried it with several SIMs I had lying around and it worked on all of them. Sorry to hear about the scam, but it seems like these are becoming more common. I just read about something identical to this a few weeks ago.

How do you get to settings > phone to see the phone number when the phone is locked. The phone has to be unlocked in order for a person to get to the settings.
 
Of course not.
.
.
.
OP gets phone stolen and assumes Apple did something wrong and blames them when the only dumb move here was on the OP's part logging in to scam site.

Way to go!

I acknowledged that entering my info into a phishing site wasn't brilliant (eventhough domain name included .apple.com) I was able to get a hold of Apple quick enough for them to catch the mistake and they were successfully able to prevent the phone (via serial and imei) from switching ownership (it is still currently linked to my icloud) and cannot be activated, they also placed the serial number on Apple's list of banned phones, new owner can't purchase anything on itunes/app store. Mistakes where made lets move past this. I'm not blaming Apple, I just want something good to come out of this and maybe we can stop these *******s from continuing to steal our beloved devices.

I was trying to inform people of what happened so that it can be prevented in the future.

The phone was in lost mode (within 5 minutes of being stolen) whoever the person who took it had either shut it off or put it in airplane mode. Without being notified of my phone resurfacing via a connection to the internet, I think it is safe to assume that siri was never in play here because siri requires an internet connection. And if that had occured I would have been notified via findmyphone the location of my device.

They were able to somehow determine my phone number (Currently think the SIM card was the culprit) and use that information to send me the fake apple support alert that my device had been found. THIS IS CONCERNING. Because apple has security features that are set in place to prevent this from happening, this is why the phones are programmed to star out the icloud account when it prompts for it. Apple Support would not send an imessage to me so this should have been a red flag. However, most people would fall for this since they are anticipating a message from findmyiphone if/when the device reconnects to the internet. The phishing site itself was a clone of the apple site, every link worked (they were actually hyperlinked to the official apple site).

If anyone has any other ideas on how they discovered my phone number, please let me know.

However the people that tricked me into giving them my icloud information, used an icloud account to message me apple.app.icloud@icloud.com . Apple is currently investigating the account as I am sure it has been used several times to commit fraud. They have the account holders information, which I was told is in Japan. They probably signed up using an alias but worth a shot. I also looked up the domain registrar...these pricks were too cheap to pay for private domain registration so the information they used to setup the site was visible to anyone. Name, phone number, address (Shanghai, China), even their company name.
 
I acknowledged that entering my info into a phishing site wasn't brilliant (eventhough domain name included .apple.com) I was able to get a hold of Apple quick enough for them to catch the mistake and they were successfully able to prevent the phone (via serial and imei) from switching ownership (it is still currently linked to my icloud) and cannot be activated, they also placed the serial number on Apple's list of banned phones, new owner can't purchase anything on itunes/app store. Mistakes where made lets move past this. I'm not blaming Apple, I just want something good to come out of this and maybe we can stop these *******s from continuing to steal our beloved devices.

I was trying to inform people of what happened so that it can be prevented in the future.

The phone was in lost mode (within 5 minutes of being stolen) whoever the person who took it had either shut it off or put it in airplane mode. Without being notified of my phone resurfacing via a connection to the internet, I think it is safe to assume that siri was never in play here because siri requires an internet connection. And if that had occured I would have been notified via findmyphone the location of my device.

They were able to somehow determine my phone number (Currently think the SIM card was the culprit) and use that information to send me the fake apple support alert that my device had been found. THIS IS CONCERNING. Because apple has security features that are set in place to prevent this from happening, this is why the phones are programmed to star out the icloud account when it prompts for it. Apple Support would not send an imessage to me so this should have been a red flag. However, most people would fall for this since they are anticipating a message from findmyiphone if/when the device reconnects to the internet. The phishing site itself was a clone of the apple site, every link worked (they were actually hyperlinked to the official apple site).

If anyone has any other ideas on how they discovered my phone number, please let me know.

However the people that tricked me into giving them my icloud information, used an icloud account to message me apple.app.icloud@icloud.com . Apple is currently investigating the account as I am sure it has been used several times to commit fraud. They have the account holders information, which I was told is in Japan. They probably signed up using an alias but worth a shot. I also looked up the domain registrar...these pricks were too cheap to pay for private domain registration so the information they used to setup the site was visible to anyone. Name, phone number, address (Shanghai, China), even their company name.

Just wanted to say that I feel for you...definitely sc*mbags that pulled this.

How you got scammed...a couple of people already posted their stories before on here, your id is new so I assume this is all news to you.

In a nutshell, any iMessage (and this applies to even purported emails from Apple) should be treated as suspicious when there is a link in the message/email to click on to login in.

Not too long ago, I received a fake EBay email with logon link enclosed (very legit looking)......all sorts of ways to try to trap unwary people.
 
Last edited:
Just wanted to say that I feel for you...definitely sc*mbags that pulled this.

How you got scammed...a couple of people already posted their stories before on here, your id is new so I assume this is all news to you.

In a nutshell, any iMessage (and this applies to even purported emails from Apple) should be treated as suspicious when there is a link in the message/email to click on to login in.

Not too long ago, I received a fake EBay email with logon link enclosed (very legit looking)......all sorts of ways to try to trap unwary people.
Seems like the main part of the question in all of that was how they got his/her number and/or email information to send an iMessage.
 
Apple doesn't scan people's emails or imessages, so how would Apple know this is going on?

Probably by finding the scam website. I would think with all of Apple's resources they could easily take down a fraudulent website.
 
By putting the SIM in another phone that doesn't have someone else's Passcode lock on it like he mentioned doing on the post you quoted.

Hmm weird, I always thought SIM cards were locked with a PIN. The last time I could my Telus SIM card and put it in another device the SIM card was locked and I couldn't do anything without the PIN. Maybe the Canadian SIM's are different. I will have to try it to see what happens.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.