How did a hacker get my sons Apple ID and phone number while stolen iPhone 6s was in lost mode?

Aug 6, 2016
5
0
0
Visit site
to [redacted]
[Find My iPhone]
Your lost iPhone device has been found now.

System has been updated to:iOS 9.3.3

If you want to get more location information, you can go to [redacted] as soon as possible.

The link will expire in 12 hours.

[Apple Security Center]

This is the iMessage my son got on his new iPhone SE that I replaced for him after his iPhone 6s was stolen and put into lost mode and shut down by sprint.
 

Just_Me_D

Ambassador Team Leader, Senior Moderator
Moderator
Jan 8, 2012
59,681
627
113
Visit site
I do not know, but if I had to speculate, I'd say that someone he knows has the device. Anyway, your son needs to change all of his passcodes and enable 2-step authorization, in my opinion.
 
Aug 6, 2016
5
0
0
Visit site
He was riding a coaster at six flags the iPhone 6s fell and was found then stolen by the person who found it at the theme park. Apple promote that the phone is secure with the finger print and that it is totally locked down in lost mode. The fraudulent iMessages proves that hackers know how to get some information out of the phone. But they are trying very hard for people who do not know any better to click the link and put the Apple ID and password into the website that looks very much like the apple find my iPhone site. What tipped me off to the scam is there was "S" missing from the "http" link. I called apple and they confirmed that they did not send the iMessages.
 

metllicamilitia

Ambassador
Dec 25, 2011
5,294
4
38
Visit site
That doesn't really read like an email from Apple. However I've never lost my phone so I don't know what the message is. If the phone was updated, the phone needed to be unlocked, you can bypass the fingerprint scanner and go straight to the passcode lock. Or if you get your fingerprint wrong a few times it takes you to the passcode lock. The passcode lock is much easier to bypass than the fingerprint scanner. As far as https vs http, both are valid website prefixes. HTTPS is just secure.
 

Rob Phillips

iPhone X & Apple TV Champion, Moderator
Champion
May 1, 2012
13,759
0
0
Visit site
So, let me get this straight... Your son was at Six Flags, dropped his iPhone, and then a hacker with FBI-level hacking skills happened to walk by and grab it. Highly, highly doubtful. It sounds to me like you simply fell for a phishing scam. As previously recommended, have him change his password and enable two-factor authentication.
 

Just_Me_D

Ambassador Team Leader, Senior Moderator
Moderator
Jan 8, 2012
59,681
627
113
Visit site
How did a hacker get my sons Apple ID and phone number while stolen iPhone 6s...

He was riding a coaster at six flags the iPhone 6s fell and was found then stolen by the person who found it at the theme park. Apple promote that the phone is secure with the finger print and that it is totally locked down in lost mode. The fraudulent iMessages proves that hackers know how to get some information out of the phone. But they are trying very hard for people who do not know any better to click the link and put the Apple ID and password into the website that looks very much like the apple find my iPhone site. What tipped me off to the scam is there was "S" missing from the "http" link. I called apple and they confirmed that they did not send the iMessages.

If your son allowed for Siri to be accessed via the lock screen AND your son has a contact card for himself, all the person who found/stole device has to do is ask Siri whose phone it is. Siri will then state whose phone it is and display the owner's contact card bearing the phone number. Having said that, if you transferred the phone number to the replacement iPhone, the thief already has it and therefore can easily send a message/phishing link to the current iPhone. The iPhone is as secure as the owner allows it to be.
 
Aug 6, 2016
5
0
0
Visit site
Re: How did a hacker get my sons Apple ID and phone number while stolen iPhone 6s...

Thanks to everyone who responded. I just found business insider article on what these hackers are doing.
 

Rob Phillips

iPhone X & Apple TV Champion, Moderator
Champion
May 1, 2012
13,759
0
0
Visit site
The lesson learned here is not to give anyone confidential information unless you are 100% sure it's them. I work in banking and see this kind of stuff all of the time.
 

Sicily1918

Active member
Sep 17, 2015
42
0
0
Visit site
The poor grammar (granted, better than most phishing scams) of "Your lost iPhone device has been found now." and the signature "[Apple Security Center]" (really, the only thing more clich? and fake would be something from the "Apple Team") were dead giveaways that this was fake. Keep that phone in 'lost mode'.