• 520
    link
    fedilink
    21 year ago

    The usual tactic is to send a phishing text to a number that calls it pretending to be Apple. They then get your Apple ID credentials and use that to unlock the device.

    • @frazorth@feddit.uk
      link
      fedilink
      English
      21 year ago

      How do you send a phishing text to a phone you have stolen? The owner would either not get the text, or get it via iMessage which the response wouldn’t appear on the stolen phone. I’m not following this tactic, so I’m obviously missing something.

      • 520
        link
        fedilink
        2
        edit-2
        1 year ago

        The owner tries to call the number from another phone, usually a mobile. The hope is that the phone was misplaced and not stolen.

        • @frazorth@feddit.uk
          link
          fedilink
          English
          21 year ago

          So the owner calls the phone, which is answered by the thief who pretends to be Apple?

          Interesting.

          • 520
            link
            fedilink
            3
            edit-2
            1 year ago

            They don’t necessarily have to answer. They can just note the number that appears on-screen and text it later from a different device.

            Usually the next step for the owner is to try get into their Apple ID to access the lost phone functions. That’s where the texts come in.

    • blake
      link
      fedilink
      11 year ago

      As usual, people are the weakest link in security.

      • 520
        link
        fedilink
        11 year ago

        Exactly. The protections on the iPhone themselves are actually very strong for the time the phone released in. Unless you’ve got NSA-level hardware hackers in your org, this is by far your best bet.

        • @smeg@feddit.uk
          link
          fedilink
          English
          11 year ago

          Very much depends on your threat model. An iPhone is great if you trust Apple with the backdoor to your phone, if not then you’re probably much more secure with GrapheneOS.

          • 520
            link
            fedilink
            21 year ago

            I mean yeah, obviously Apple isn’t going to be able protect you much against a state-sponsored threat with their own private list of zero days, or Apple itself, but right now that’s a small amount of people either are truly interested in fucking over.