Many iPhone owners rely on Apple’s Find My feature after losing a device. Criminals now misuse this reliance by sending messages that mimic the official recovery process. Pretending to be Apple Support, the fraudsters seek login details to access cloud backups, photos, financial records and other private information. The Indian Cybercrime Coordination Centre, established by the Ministry of Home Affairs, has warned of a phishing operation that links device theft with credential theft. Its National Cybercrime Threat Analytics Unit detected the campaign aimed at owners of lost or stolen iPhones now held by offenders. The advisory explains that the perpetrators send fraudulent SMS messages resembling Find My iPhone or Apple Support notices. The links lead to fake login pages that capture Apple IDs and one-time passwords. Once obtained, the attackers remove the original Apple ID from the device. Experts note that a locked phone can still reveal a number, notifications or emergency contacts. Scammers use these details to craft convincing messages claiming the device has been located. The real goal is control of the owner’s digital identity rather than the hardware itself. The timing exploits the owner’s distress, making them more likely to click links or share codes. After credentials are taken, attackers can disable security features such as Activation Lock, increasing the device’s resale value while exposing the victim to identity theft and fraud. Officials advise against acting on urgent messages and recommend verifying any request through official channels before responding.
