Your iPhone becomes nearly useless to a thief when marked as lost due to Apple’s Activation Lock. Despite this, criminals have developed strategies to circumvent these protections. According to Infoblox Threat Intel, cybercriminals use fake Apple pages, deceptive texts, and Telegram-based tools to trick stolen iPhone owners into revealing their passcodes.

The Mechanism of the Scam

Infoblox Threat Intel tracks cybercriminal activities by examining DNS, the internet’s directory system. By monitoring suspicious website traffic, researchers identify fake domains, phishing pages, and scam networks. Thieves exploit the lost iPhone feature by using the contact number you provide to trick you into giving your passcode.

Researchers found that thieves prioritize reselling devices over the data stored on them. Obtaining your passcode enables them to bypass protections, erase data, and sell the phone.

Join CyberGuy Live: Lock Down Your Phone in 30 Minutes (Saturday, June 13, 10 am ET)

In a free online session, Kurt the CyberGuy offers steps to bolster phone security. This includes enhancing privacy settings, identifying scams, utilizing security tools, and providing a checklist for protection.

The Anatomy of the Scam

In one instance, after an iPhone theft, the victim received a link to a fake Apple site claiming to show the phone’s location on a map, requesting the PIN code. If entered, the thief gains control of the phone.

A locked iPhone has limited resale potential. Unlocking allows for data wiping and detaching from the Apple account, increasing resale value.

Tools and Costs Involved

Telegram groups sell unlocking services, targeting various iPhone models. Services include tools to disable Find My iPhone, fake login pages, and AI calls impersonating Apple. Costs range from $5 to $50, averaging below $10, making the scam accessible to more individuals.

Fake Text Messages and Phishing

Scam messages are personalized using details from your phone or linked accounts, such as your name and device info. After acquiring credentials, criminals may unlink devices and prepare them for resale.

The Rise in Scam Domains

Researchers identified over 10,000 scam-related domains, using names resembling Apple’s support pages. Verified smishing domain traffic increased 350% in 2025 compared to the previous year.

Defensive Measures Against Scams

If theft occurs, scammers exploit your urgency. Beware of messages imitating Apple’s support that ask for your passcode.

• Never enter your passcode via text links.
• Access Find My directly from Apple devices or iCloud.
• Skepticism towards recovery messages is wise.
• Use robust passcodes to enhance security.
• Ensure Activation Lock is active.
• Do not quickly remove the device from your Apple account.

Android’s Vulnerability to Similar Scams

Android phones face similar scams with fake Google, Samsung, or carrier messages. Advice remains consistent: avoid links from messages and navigate to official platforms independently.

Final Thoughts

Criminals exploit Activation Lock challenges with sophisticated scams. Caution is your ally; use official tools to protect yourself. If your phone is stolen, avoid responding to suspicious messages and prioritize device security.

Download the Fox News App

Should phone makers and wireless carriers enhance measures against phone resale, or is personal device security primarily the user’s responsibility? Share your thoughts at CyberGuy.com.

Subscribe to CyberGuy Report for tech tips, security alerts, and deals. Visit CyberGuy.com for scam awareness and protection strategies.