A photo of an iPhone X being held. Only the top half of the iPhone X is visible, and the home screen with multiple app icons is displayed

Mobile security company TrendMicro's research team published a blog post last week detailing findings they've uncovered regarding the theft of iOS devices. In their investigation, they found an alarming intersection of physical crimes and online scams: fraudsters are using phishing techniques to unlock the iPhones they've stolen.

According to TrendMicro, this is a worldwide phenomenon, with individuals from Ireland and the U.K. to India, Argentina, and the U.S. being targeted. The global market for stolen iPhones is vast and, as the company notes, profitable:

Last year, stolen iPhones were sold in Eastern European countries for as much as $2,100. In the U.S. 23,000 iPhones from the Miami International Airport, valued at $6.7 million, were stolen last year.

Essentially, once an iPhone is stolen, the thieves will spoof an email or SMS text that looks as though it's from Apple to send to the victim saying that their phone has been found and asking them to click a link to move forward in the retrieval process. However, once the victim clicks that link, it compromises their iCloud credentials, which subcontracted third-party iCloud phishing services will then use to unlock the device. These phishers use tools such as MagicApp, Applekit, and Find My iPhone to complete this task. When it's all finished, the device is resold in "underground and gray markets."

So, knowing all this, how do you keep your device safe? TrendMicro advises the following:

  • First and foremost, use common sense. If a link seems even remotely suspicious, don't click it or input any personal information. It's better to wait a little longer for your missing phone and verify that it is actually Apple contacting you than to jump on a fishy email just because you're eager to retrieve your device.
  • Use best practices when it comes to securing your tech. That means setting up fingerprint scanning or Face ID, setting a passcode, enabling two-factor authentication on your iCloud account, and setting up or enabling any other security features, i.e., Find My iPhone and auto-locking.
  • Regularly back up your phone so that if the worst happens, you won't lose everything.
  • Report the device's loss or theft to your carrier to deter fraudsters from reusing it.
  • Do your research when purchasing a phone secondhand. The Cellular Telecommunications Industry Association (CTIA) has a website where you can check if an iPhone has been blacklisted or stolen by verifying the phone's serial number.

For more information, check out TrendMicro's original blog post.


We're happy to answer any further questions you may have regarding iPhone security. Give us a shout in the comments, and we'll get back to you as soon as we can.

We may earn a commission for purchases using our links. Learn more.