An intricate yet worrisome technique for taking over an iPhone and locking its owner out seems to be becoming more popular.
According to a recent Wall Street Journal investigation, some iPhone thieves are taking advantage of a security feature known as the recovery key that makes it nearly hard for owners to retrieve their data, texts, images, and more. A few victims also informed the publication that after the crooks obtained access to their financial applications, their bank accounts were completely depleted.
It’s crucial to remember, though, that this kind of takeover is challenging to execute. It basically involves a criminal seeing an iPhone user enter the passcode—for instance, by peering over their shoulder at a bar or sporting event—or coercing the owner of the device into disclosing the passcode. And that’s all prior to them taking the gadget by force.
After that, a thief might use the passcode to modify the Apple ID of the device, disable “Find my iPhone” to prevent location tracking, and reset the recovery key—a complicated 28-digit code meant to shield its owners from cybercriminals.
In an attempt to increase user security, Apple requires this key in order to help reset or regain access to an Apple ID. However, if a thief changes it, the original owner will not have the new code and will be locked out of the account.
An Apple representative told CNN in a statement, “We sympathize with people who have had this experience and we take all attacks on our users very seriously, no matter how rare.” “We constantly look into new protections against emerging threats like this one and work tirelessly every day to protect our users’ accounts and data.”
On its website, Apple says “you’re responsible for maintaining access to your trusted devices and your recovery key. You risk having your account permanently locked out if you misplace either of these items.
According to Jeff Pollard, vice president and principal analyst at Forrester Research, the business needs to provide “ways for Apple users to authenticate so they can reset these settings” in addition to additional customer service choices.
However, there are a few actions consumers may do right now to perhaps safeguard themselves against experiencing this.
Keep the passcode secure.
Safeguarding the passcode is the first step.
According to an Apple representative who talked with CNN, users can prevent anyone who might be monitoring from learning their passcode by unlocking their phone in public using Face ID or Touch ID.
An extended alphanumeric passcode that is more difficult for hackers to decipher can also be configured by users. In addition, users of the device should update the passcode right away if they think someone else may have seen it.
Screen Time Configurations
Another action someone might take is to look into a hack that has been making the rounds online but isn’t necessarily approved by Apple. The Screen Time feature on an iPhone gives parents the ability to impose limits on their children’s device usage. One such restriction is the ability to create a backup password that must be entered by any user in order to successfully modify an Apple ID.
If this is enabled, before altering an Apple ID password, a thief would be asked for that secondary password.
periodically backup your phone
Lastly, consumers can safeguard themselves by routinely backing up their iPhones using iTunes or iCloud, which will allow data recovery in the event that an iPhone is stolen. Simultaneously, users might want to think about putting sensitive files and data, like crucial images, in another cloud service like Dropbox, Google images, Microsoft OneDrive, or Amazon Photos.
Although it won’t prevent a malicious person from accessing the device, this should lessen some of the consequences if that were to occur.