The theft of smartphones is big business, and new research has shown how iPhone thieves are able to defeat security measures designed to make stolen devices impossible to use.
Apple has built various security features into the iPhone in an attempt to make thieves less likely to target its customers. At the core of those features is the Find My network, the system that makes it possible to locate lost (and stolen) devices.
The Find My network allows iPhone owners to mark their device as stolen, preventing it from being used. Normally, a device marked as lost cannot be used until its rightful owner provides their credentials.
However, cybersecurity researchers at Infoblox have discovered websites and Telegram groups dedicated to these devices. By using social engineering and phishing techniques, even an iPhone marked as stolen by Find My can be unlocked and then sold for profit.
Fake Find My
Whenever someone loses their iPhone or has it stolen, they can use the Find My app to mark it as lost. They can also add a message to its Lock Screen, urging its return along with a contact number.
According to Infoblox's report, it's this contact number that thieves are now using as a phishing vector.
In one example, the researchers detail someone whose iPhone was stolen in Asia. Shortly after the theft, the victim received a text with a link to 'applemaps-support[.]live'.
Infoblox says that this lookalike URL is one of over 800,000 that it detects each year. In this case, it opens a website made to look like the real Find My webpage, but it is anything but.
The website displays a PIN entry field, which, if used, would give the thieves access to the iPhone.
If that approach doesn't work, the thieves have more tools in their arsenal.
'Find My iPhone Off'
The researchers also discovered dozens of Telegram groups acting as a marketplace for unlocking tools. These tools come in different shapes and sizes, including some that claim to jailbreak older iPhones.
Jailbreaking simply isn't possible on newer iPhones, however, so there's another option. "FMI OFF" (Find My iPhone Off) or "iCloud Webkit" are two examples of phishing tools designed to trick iPhone owners into handing over their Apple Account credentials.
The groups also offered social engineering scripts, including AI-powered voice calling software. These tools are designed to trick iPhone owners into giving thieves their passcode.
Notably, these tools are sold for less than $10 on average per device, although they can cost as much as $50 depending on the iPhone.
How to protect your iPhone
A huge number of iPhones are stolen every day, but they're almost worthless if they're locked. It's no surprise that thieves have devised ways to unlock a stolen iPhone.
Some thieves go so far as to try to steal an iPhone while it's already unlocked. For this reason, it's vital to be aware of your surroundings when using your iPhone in public.
It's also important to make sure that you have Find My enabled and that your iPhone has a strong, unique passcode. Your Apple Account password should be strong and unique, too.
If your iPhone is stolen, ensure that you triple-check any communications you receive about it, especially if they claim to be from Apple. Check the domain of any links you receive. Don't give your credentials to anyone over the phone.
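The domain check advised above can be automated. The following Python sketch is an added example, not code from Infoblox or Apple: it extracts the host a link would really connect to and compares it against a short list of trusted domains. The trusted-domain list and brand keywords are assumptions, and every sample link except the one quoted in this article is constructed.

```python
from urllib.parse import urlsplit

# Assumption: domains treated as genuinely Apple-owned for this check.
TRUSTED_DOMAINS = {"apple.com", "icloud.com"}
# Assumption: brand words that lookalike hosts tend to embed.
BRAND_TOKENS = ("apple", "icloud", "findmy")

def refang(text):
    """Undo common defanging (hxxps://, [.]) so the link can be parsed."""
    text = text.strip().replace("[.]", ".").replace("(.)", ".")
    if text.lower().startswith("hxxp"):
        text = "http" + text[4:]
    return text

def hostname_of(link):
    """Return the lower-case host the link would really connect to."""
    link = refang(link)
    if "://" not in link:
        link = "https://" + link  # bare domains, as they appear in text messages
    host = urlsplit(link).hostname or ""  # drops any 'user@' prefix and the port
    return host.rstrip(".").lower()

def classify_link(link):
    """Return 'trusted', 'lookalike' or 'unknown' for a received link."""
    host = hostname_of(link)
    for domain in TRUSTED_DOMAINS:
        # Exact match or true subdomain only; the leading dot stops hosts
        # such as 'apple.com.device-check.example' from passing.
        if host == domain or host.endswith("." + domain):
            return "trusted"
    if any(token in host.replace("-", "") for token in BRAND_TOKENS):
        return "lookalike"
    return "unknown"

# The first link is the one quoted in this article; the rest are constructed.
SAMPLES = [
    "applemaps-support[.]live",
    "https://www.icloud.com/find",
    "hxxps://apple.com.device-check.example/pin",
    "https://apple.com@find-my-unlock.example/",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{classify_link(sample):9}  {sample}")
```

A "lookalike" result means the host borrows Apple branding without belonging to a trusted domain; an "unknown" result is not an endorsement, only the absence of a brand keyword.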
Apple enabled Stolen Device Protection by default with the release of iOS 26.4. It changes the way a stolen iPhone behaves to protect you and your device.









