05 Aug 2016
iOS devices are known for their security, but where there’s a will, there’s a way.
One convenience of owning an iOS device is the ability to track your phone or tablet using Apple’s “Find iPhone” app. If you’re unable to find your device, you can use the app (either on a computer or another iPhone/iPad), to ping your lost device. Once located, the owner can choose to have the missing device make a sound, you can remotely erase the device, or you can turn on Lost Mode mode, which locks it down and does not allow anyone to access it, in case it is stolen.
Hackers are using this lock down method to make a quick buck. They login to your Apple ID using stolen credentials and lock your iPhone or iPad. They then send a ransom via lock screen and demand a payment of $50 to unlock it.
The ransom, however, is not the worst part of this hack. Once paid, the device is easily unlocked by the hacker via Touch ID or passcode.
However, the cybervillain now has access to personal data, such as the your email address, phone number, physical address, etc., which is bad in and of itself, but adding to the potential danger is that the hacker can also change crucial account information such as the password and security code. And if you have yet to enable two-stepverification, this cyberthief might just do it for you by using his/her email address and phone number. What does that mean?
Getting access to your Apple ID account just got a whole lot more difficult. Hackers are using the extra security measure against you.
Two-step verification works by requiring not only a password, but also a second form of confirmation when logging into an account from a new or unknown device. Let’s say you were at your friend’s house checking your account; Apple would not allow you to login until it sent you a text wi a unique security code. If a hacker was trying to login, they
would not be able to attain the code and thus would not be able to hijack your phone.
But if you do not have this enabled, the hacker could turn it on using his/her email address or phone number. And while you’re busy regaining control of your account, the hacker has unlimited access to all the information stored on your iCloud account, such as pictures, emails and even payment information.
In this scenario, there are a few simple steps you can take to ensure that you are not victimized:
- Always opt for two-step verification. It might be a little annoying from time-to-time, but it works and a minor inconvenience can help you avoid the major inconvenience of being ransomed and victimized.
- Choose a secure password. At the very least, change your password regularly, especially if you use the same one repeatedly. For more tips on creating a strong, secure password, read this blog post.
Criminals can be creative, not only in real life but in the cyber realm, as well. This means it is up to you to stay on top of the latest criminal trends so that you can stay a step ahead. Subscribe to my blog for the latest hacks and how best to protect yourself and your business from the hackers, and do not hesitate to contact us if you have any additional questions or concerns.