https://www.ncsc.admin.ch/ncsc/en/home/aktuell/im-fokus/2025/wochenrueckblick_44.html
The Swiss National Cyber Security Centre (NCSC) is alerting iPhone users to a concerning phishing scam that aims to steal their Apple ID credentials by falsely claiming to have found their lost or stolen device.
The scheme works by exploiting the lost device feature in Apple’s Find My app, which allows owners to display a custom message on the lock screen with contact information. Threat actors are reportedly sending targeted phishing texts or messages through SMS and iMessage, claiming to be from Apple’s Find My team and stating that the user’s iPhone has been located.
These messages often include convincing details about the device, such as the model, colour, and other specifics that can be gleaned from the lock screen information. The phishing link then redirects victims to a fake Find My website, where they are prompted to enter their Apple ID and password, effectively handing over their credentials to the attackers.
Apple will never contact customers via SMS or email to report a found device. iPhone owners are advised to be vigilant, never click on links in unsolicited messages, and instead use the official Find My app or website to secure a lost device. Additionally, it is recommended to use a dedicated email address for displaying contact information on a lost device and ensuring the SIM card is protected with a PIN to prevent misuse.
This latest scam highlights the persistent threat of phishing attacks and the importance of consumer awareness and security best practices, especially when it comes to the protection of sensitive account information and valuable mobile devices.