Table of contents:
Watch out for a new scam. It is a scam by which some criminals steal an iPhone and then call the user trying to impersonate Apple to obtain a series of very valuable data that would allow them to easily unlock iPhone.
Although this is a method that has been known for a long time, now it is further refined with the sole purpose of make the scam even more realso that the user who has been robbed offers their phone data without suspecting what is happening.
The novelty of the scam according to ESET is that now cybercriminals are able to call the victim of the theft pretending to be the Apple company and thus be able to obtain, through different techniques, your unlock code to be able to use the iPhone again.
Location, iCloud code, and call
The call that claims to be Apple is not the first step, there are two previous steps. First, when the iPhone is stolen and criminals have access to the line on a brand new device, the victim could receive an SMS
The message refers to the fact that the iPhone, with model and storage version, is locked and has been turned on in a certain area at a specific time, but to know that important detail, a web link is included that invites you to enter.
If the user knows about the scam, at first glance they will realize that the link does not correspond to any Apple service or site, so the suspicion is already there that they want to obtain some type of information from you and that it is simply a trap.
The question comes in the next step, when the user clicks on the link, they access a page that pretends to be the iCloud cloud service, and right there it asks to enter the access code, a 6-digit code to supposedly know the location of the iPhone.
The page is so real that it seems to be the original from Apple, but nothing is further from reality. If the owner of the stolen iPhone enters the key, they will be asked because the cybercriminals will already have it in their possession and with it they will be able to unlock your phone and reset it to the factory.
That means that later it's like a new phone and they could sell it. If the requested code is not entered, this is when the novelty of this scam comes, a supposed call in which they try to convince the user to get it as be.
The purpose of the call is to make the victim trust so that they finally agree to offer the unlock code. Even the cybercriminals themselves are capable of contacting relatives of the victim via SMS to put even more pressure on them.
In any case, never give any code to anyone, if your iPhone is stolen, the first thing to do is report it and then You can manually enter iCloud to check if the phone is actually active, if so, you should look where it appears located.