When you put your iPhone in lost mode, your contact details show up on the lock screen, which thieves can use to contact you. These con artists typically contact you through iMessage or email since it’s easier to conceal their real identities.
For example, after losing an iPhone, a person on Reddit received a furry of messages stating that their lost iPhone had been accessed and unlocked and their photo library had been accessed. The messages further suggest they block unauthorized access to their private data by clicking a link with keywords such as “support,” “Apple,” and “FindMy” — although paying attention reveals it points to a “support-apple.us.com” instead of “apple.com.” The link even opens up to an exact replica of the official iCloud login page.
This trusty-dusty technique of phishing, i.e., creating seemingly authentic but actually fake websites, allows scammers to steal credentials. As soon as you log in to the website, the scammers can access your Apple ID and password, bringing them one step closer to unlocking your iPhone. Another example is where scammers use “icloud.us” — another phishing website to steal your Apple ID credentials.
The despair of your iPhone getting lost or stolen can put our rational judgment into a toss, making us desperately click bogus links that seem legitimate. While it goes without saying, you must not click on such links without checking them through dedicated portals like ScamAdviser or IsLegitSite.
