One of the 200+ people who had their phones stolen at Lollapalooza has reached out to CWBChicago with a cautionary tale. It’s a head’s up that everyone needs to be aware of in case their phone goes missing.
For her, the misery didn’t end with losing her phone to a thief.
“I set an alert on the stolen phone to notify me when the phone was located,” she remembered. A few days later, things started to look up: “Sure enough, I got a text from ‘Apple’ that my lost phone had been found.”
You’ve probably concluded by the quote marks around “Apple” that something was amiss. You’re right.
“I clicked the link in the text to locate my phone, and it took me to the ‘find my iPhone’ page. I entered my credentials, per usual, including my Apple ID and password.”
The gut punch came seconds later. “I instantly got a message that my Apple ID was being accessed in Portage, Indiana. My stolen iPhone was erased within two minutes.”
She had just fallen victim to a phishing scam. Her Apple ID and password were compromised by thieves who directed her to a fake Apple site to collect her ID and password.
“The text was not from Apple, and the ‘find my iPhone’ page was a fake duplicate,” she said.
And a very realistic-looking duplicate at that. “I had accessed the real Apple site a dozen times in the previous week.”
As it turns out, scams like the one our reader fell into are not uncommon. Phone thieves and clearinghouses for stolen electronics hijack accounts so they can wipe devices clean for resale.
And the sites can be almost impossible to detect. On the web version, even the address in your browser may say “Apple.com,” according to Forbes.
“Hindsight is 20/20, and I know people will give me grief for clicking that link,” the woman told us. “I truly was just naive to the entire scam and had no idea anything like this existed for stolen phones.”
“Maybe you guys can help get the word out and prevent this from happening to someone else.”
Let’s hope so. And thank you for speaking up so others may avoid the extra misery.