(CNN) Complicated, but disturbing method Taking control of a user’s iPhone and permanently locking it down on the device seems to be on the rise.
Some iPhone thieves are exploiting a security setting, called a recovery key, that makes it nearly impossible for owners to access their photos, messages, data, and more, according to a recent Wall Street Journal report. some victims too Tell to publish Their bank accounts were drained after the thieves gained access to their financial apps.
It is important to note, however, that this type of acquisition is difficult to achieve. It requires a criminal to essentially watch an iPhone user enter the device’s passcode — say, by looking over their shoulder at a bar or sporting event — or manipulate the device’s owner into sharing their passcode. And that’s all before they actually steal the device.
From there, the thief can use The passcode to change the device’s Apple ID, turn off “Find my iPhone” so their location can’t be tracked, and then reset the Recovery Key, a complex 28-digit code meant to protect owners from hackers online.
Apple requires this key to help reset or regain access to the Apple ID in an effort to enhance user security, but if the thief changes it, the original owner will not have the new code and will be locked out of the account.
“We sympathize with the people who have gone through this experience and take all attacks against our users seriously, however rare they may be,” an Apple spokesperson said in a statement to CNN. “We work tirelessly every day to protect our users’ accounts and data, and we’re always investigating additional protections against emerging threats like this one.”
On its website, Apple Warn “You are responsible for maintaining access to your trusted devices and recovery key. If you lose these two items, you may be permanently locked out of your account.”
Jeff Pollard, vice president and principal analyst at Forrester Research, said the company should offer more customer support options and “ways for Apple users to authenticate so they can reset these settings.”
For now, there are a few steps users can take to protect themselves from this happening to them.
Passcode protection
The first step is passcode protection.
An Apple spokesperson told CNN that people can use Face ID or Touch ID when unlocking their phones in public places to avoid revealing their passcode to anyone who might view it.
Users can also set up a longer alphanumeric passcode that is difficult for bad actors to detect. Device owners They should also change the passcode immediately if they think someone else has seen it.
Screen Time settings
Another move anyone can consider is a hack that hasn’t necessarily been approved by Apple but has been circulating online. Within the iPhone’s Screen Time setting, which allows guardians to set limits on how children can use the device, there is an option to set up a secondary password that is required from any user before they can. Apple ID changed successfully.
By enabling this, the thief will be prompted for this secondary password before changing the Apple ID password.
Back up your phone regularly
Finally, users can protect themselves by regularly backing up their iPhone — via iCloud or iTunes — so that data can be recovered if the iPhone is stolen. At the same time, users may want to consider storing important photos or other sensitive files and data in another cloud service, such as Google Photos, Microsoft OneDrive, Amazon Photos, or Dropbox.
This won’t stop any bad actors from gaining access to the device, but it should limit some of the repercussions if they do.
“Lifelong beer expert. General travel enthusiast. Social media buff. Zombie maven. Communicator.”