A scam is currently making headlines in the USA, Europe and Asia, in which Apple users can lose their entire digital existence (see also editorial in Mac & i 2/2023). Criminals are exploiting an attack possibility inherent in each of the more than one billion active iPhones. The amazing thing is that Apple itself sees no shortcomings here.
Specifically, this is the iPhone PIN, also known as a passcode or passcode lock, usually a four to six-digit number sequence that grants access to the device. It is queried after each reboot and also whenever biometric login forms such as Face ID or Touch ID cannot be used. Each user has set up such an access code as standard when setting up the device.
- Fraudsters specifically spy on iPhone PINs, then steal the devices to get hold of the Apple ID.
- At worst, the scam cuts users out of their entire digital existence.
- Additional passwords are often attached to the Apple ID.
- Unfortunately, Apple makes the acquisition surprisingly easy.
- At the moment only emergency solutions help. So far, Apple hasn’t announced an update that improves iOS behavior.
But what many don’t know: with a stolen iPhone and the PIN alone, an attacker can cause the victim much more damage in a matter of minutes than the material loss of the device itself would mean. If the attacker has also spied on the victim’s PIN, he can access numerous functions and options. A central element of this is changing the password for the user’s Apple account, Apple ID, and almost everything depends on it.
