CNN
–
A complex but relevant method Taking control of a user’s iPhone and permanently locking out the device seems to be on the rise.
According to a recent Wall Street Journal report, some iPhone thieves are using a security setting, called a recovery key, that makes it nearly impossible for owners to access their photos, messages, data and more. Some Victims also told the publication Their bank accounts were drained after thieves gained access to their financial apps.
It is important to note, however, that this type of takeover is difficult to pull off. That would require the criminal to essentially see the iPhone user enter the device’s passcode — for example, by looking over their shoulder at a bar or sporting event — or to manipulate the device’s owner into sharing their passcode. And that’s all before they physically steal the device.
From there, thieves can use passcode to change the device’s Apple ID, turn off “Find My iPhone” so their location can’t be tracked, and then reset the Recovery Key, a complex 28-digit code to protect its owners from online hackers.
Apple needs this key to help reset or regain access to an Apple ID in an effort to strengthen user security, but if a thief changes it, the original owner won’t have the new code and will be locked out of the account.
“We empathize with those who have had this experience and take all attacks on our users very seriously, no matter how rare,” an Apple spokesperson said in a statement to CNN. “We work tirelessly every day to protect our users’ accounts and data, and are always investigating additional protections against emerging threats like this.”
On its website, Apple warns that “You are responsible for maintaining access to your trusted devices and your recovery key. If you lose both of these items, you may be permanently locked out of your account.”
Jeff Pollard, VP and principal analyst at Forrester Research, said the company should provide more customer support options and “ways to authenticate Apple users so they can reset these settings.”
For now, however, users can take a handful of steps to potentially protect themselves from this happening to them.
The first step is to secure the passcode.
An Apple spokesperson told CNN that people can use Face ID or Touch ID when unlocking their phones in public to avoid revealing their passcode to anyone watching.
Users can also set a long, alphanumeric passcode that is difficult for bad actors to decipher. Device owners They should change the passcode immediately if they believe someone else has seen it.
Another step one can consider is a hack that is not necessarily supported by Apple but one that is circulating online. Within the iPhone’s Screen Time settings, which allow parents to set restrictions on how children can use the device, there’s an option to set a secondary password that any user will need before they can. Change Apple ID successfully.
By enabling this, a thief will be prompted for a secondary password before changing the Apple ID password.
Finally, users can protect themselves by regularly backing up the iPhone – via iCloud or iTunes – so that data can be recovered in case the iPhone is stolen. At the same time, users may consider storing important photos or other sensitive files and data in another cloud service, such as Google Photos, Microsoft OneDrive, Amazon Photos or Dropbox.
This won’t prevent a bad actor from gaining access to the device, but it will limit some of the fallout if it should ever happen.
#protect #iPhone #thieves #locking #device #CNN #Business