No Gravatar

Last week, a lot of Australian iDevice users were victims of a malicious phishing scam that resulted in them being locked out of their iPhones and iPads. For a price, the scammer would give them the passcode to unlock the device. For a price!

The thing that those who were duped had in common was that they weren’t using even a simple passcode. “But”, you say, “my iPad never leaves my house and using a locking passcode is a nuisance.” Yep, security can be a pain, but getting hacked is much worse.

Apparently, the scammers were able to grab iCloud account passwords, then go in and, using Find My iPhone, lock down anything associated with that account. The unsuspecting user would go to access his iPhone or iPad and find himself not only locked out but presented with a ransom demand. Those with passcodes enabled were not compromised. Early reports speculated that Apple’s iCloud servers had been hacked and that’s how the scammers gained access, but Apple denies that their servers were hacked. It looks like those affected fell for a phishing scam. It should be noted that the scammers were not able to change any passwords, thanks to Apple’s own security measures. The most they could do was cause major frustration. The fix, in many cases, was to connect to a computer and restore from the last backup.

The lessons to be learned? At least 3 that I can think of immediately.

1. Set a passcode. A simple 4-digit number is all it takes, just don’t use 1-2-3-4 or 1-1-1-1. Do pick something significant that someone else is not likely to expect.

2. Periodically backup your iPhone/iPad/iPod touch to your computer. We know you backup your computer (right???), so be smart and backup your iDevice, too.

3. Please, please, please beware of phishing schemes. Don’t click on every link that says “click here.” Let your cursor hover over the hyperlink to see the actual address. No matter how authentic the email message looks, if you are not expecting it, treat it as potentially dangerous. The scammers are always trying to put one over on you. The Windows phone scammers were back again this week, insisting that I had a terrible problem with my “Windows operating system.” On my iMac? The sad thing is that people are falling for these schemes and paying ransoms. If they didn’t, the scammers would quit.

So, stay safe my friends. A lot of people wouldn’t have been screaming last week if they had only set a simple 4-digit code.

Share →