A concerning trend has emerged involving a sophisticated method that allows thieves to gain control over iPhones, permanently locking users out of their devices. Exploiting a security setting known as the recovery key, these criminals make it nearly impossible for owners to access their personal data, including photos, messages, and financial apps.
This takeover method is intricate and involves observing the user entering their passcode or manipulating them into revealing it before physically stealing the device. Once stolen, the thief can change the device’s Apple ID, disable “Find my iPhone” to avoid location tracking, and reset the recovery key—a crucial 28-digit code designed to protect against online hackers.
Apple acknowledges the severity of such incidents, emphasizing their dedication to user security. However, users can take proactive steps to minimize the risk. Apple suggests using Face ID or Touch ID in public to avoid passcode exposure. Users can also employ a longer, alphanumeric passcode and change it immediately if compromised.
An additional, unofficial safeguard involves utilizing a secondary password within the Screen Time settings, preventing unauthorized changes to the Apple ID. Regularly backing up the iPhone via iCloud or iTunes allows data recovery in case of theft. Storing sensitive data in alternative cloud services, such as Google Photos or Dropbox, provides an extra layer of protection.
While Apple is urged to enhance customer support and authentication options, these precautionary measures empower users to mitigate the potential fallout of such security threats.