Photo: Donenko Oleksii/Shutterstock
It sounds like a horror to any iPhone user what that “Wall Street Journal” in a new report describes: A type of crime is spreading in the USA, which targets the iPhone and the user’s digital identity.
Victims of the scam like Taylor Ashy from New York report on how it happened: They were out in a club or in a bar. The exact memory is clouded, many suspect alcohol or drug poisoning. After the evening, the iPhone is gone, your own Apple ID is blocked, the passwords have been changed, and large sums of money are missing from the banking apps or via Apple Pay.
Tricked: This is how the scam works
The New York police, who investigate several such cases, have identified a pattern: the criminals try to trick the victims into entering the passcode to the iPhone in public, for example, the criminals ask them to use Snapchat or another social media app to open.
An accomplice secretly films the smartphone so that the correct passcode is captured on video. The smartphone is then stolen. With the right passcode, the criminals have free access to all information: They usually change the password for the Apple ID so that the user cannot report the iPhone as lost and cannot delete the data. The correct passcode allows access to the iCloud keychain with additional passwords, so the path to the banking app is not far. Most require two-factor verification on transactions, in practice, users install the TAN app on the same smartphone for convenience, so it’s easy to imagine that the criminals would have no trouble digitally wiping the victim’s bank account .
This is how you can protect yourself – the best tips
At the same time there is “Wall Street Journal” tipshow to protect yourself better once morest a passcode theft: Instead of a short code with only four digits, switch to the settings and select the “Code options” area for the passcode when entering the new code. The most secure of these is “Own alphanumeric code”, here you can enter something like a password with letters, numbers and special characters instead of a series of numbers. The method has the disadvantage that the keyboard changes to an ordinary one, the keys become quite small.
We think the Custom Numeric Code option is a good compromise. Here you can select any length of digits, aim for at least a ten-digit combination. If you have chosen an individual, memorable numerical code, you can still enter it quite quickly in practice: the iPhone offers the dialing block as with the telephone app. A ten-digit combination is not so easy to remember the first time, the brute force attack is quite tedious in this case.
After the WSJ, you must treat your passcode like a bank card PIN: when in public, enter the sequence of numbers so that no one can see them.
Our tip: Turn on attention verification for Face ID in the Face ID & Passcode setting. As a result, if someone holds your iPhone in front of your face while you sleep, the iPhone will not unlock. You should switch “Request code” to “Immediate” so that the iPhone does not remain unlocked unnecessarily.
Apple should also take action here and protect the Apple ID more once morest identity theft. Many security functions currently depend on the passcode, which for the many users consists of just four digits and an easy-to-guess sequence such as “1-2-3-4”. Even two-factor identification does not help here, because if the iPhone is unlocked, the two-factor code is sent to the same device, the criminal only has to tap “Allow” and copy the six-digit code to access the settings in iCloud or with the Apple ID. (Macwelt)
