Friday 13 is the day when you can expect anything… but I didn’t. It was my ordinary day, I was working at my computer… it was quiet around and I felt comfortable… until I noticed a weird message on my phone’s locked screen. It said: “Dlya polucheniya parolya, napishite na e-mail: helpicloud3@gmail.com” that was in Russian but written with English letters and it meant “To get your password send an e-mail to helpicloud3@gmail.com”. I was pretty surprised to see such message. I don’t usually share my Apple ID email address. But I definitely knew that my Apple ID was hacked. So, I went to http://ifrogot.apple.com and resetted my password immediately. After that I decided to give it a try and see what would happen if I send an e-mail there. And I received this reply:

File_000

Which meant:

Your device is locked. To unlock your device send 1500 rubles on Beeline account # then attach your receipt and we’ll unlock your phone in two hours.
You can pay online with your credit card (Visa/MasterCard) URL
You have 12 hours to pay. After that your device will be erased (all the information, media and photos) without password recovery(which we’ve set up).

That looked threatening…

So, how does this scam works?

A hacker gets access to your Apple ID account (I this case I don’t actually know how did they do that and where I exposed my Apple ID). With that account information they sign in into your iCloud. After that, they switch your iPhone to the Lost mode using Find Your iPhone feature. And they add a Lost iPhone message, which you can see on your phone’s locked screen. So, actually there’s nothing serious happened yet, but they hope you’d be threatened and would act rather than think first.

What to do if this happened to you?

First of all – Stay CALM! Nothing bad happened yet! Just try to unlock your iPhone from the locked screen. In my case I could do that. Then change your Apple ID password ASAP using http://iforgot.apple.com (this requires you to have an access to the e-mail address you use for your Apple ID – there is one possible problem here, but I’ll talk about it later in this article.) Get into your Apple ID account and sign out your Apple ID from all other browsers. To do that you need to use Sign Out Of All Browsers option on the iCloud Settings page.

File_001

After that change your password once again. To be 100% sure nobody else can change it ever since.

How to avoid such scams?

  • Try to keep your Apple ID in secret. This can help you to avoid hackers. Keep them unaware of your Apple ID. (I was hacked because I exposed my Apple ID somewhere, I’m sure about that)
  • Use another e-mail service address (e.g. Gmail, Yahoo and so on) for your Apple ID, as I mentioned above, if you’ve got your Apple ID from iCloud you may get into the situation when your recover e-mail is not available for you to receive a new password since it’s hacked. Because a hacker gets access to both your Apple ID and recovery e-mail at the same time. You definitely don’t want to be in the situation like that. (I have my Apple ID registered with Gmail address this definitely saved me.)
  • Use a long and strong password. At least eight characters or more. Lower case and uppercase letters, numbers and special characters. Avoid simple words and dates.
  • Set up the Two-step verification for your Apple ID. You can do that from your Apple ID settings here: https://appleid.apple.com (I could’ve done that earlier to secure my Apple ID.) This is highly recommended security feature.

Keep your Apple ID safe!