advertisement
Forums

The Forum is sponsored by 
 

AAPL stock: Click Here

You are currently viewing the Tips and Deals forum
How a brazen passcode thief used stolen iPhones to rob $2 million
Posted by: RAMd®d
Date: December 20, 2023 06:45AM
SPOILER: Social Engineering
(Isn't it always, or mostly)

How a brazen passcode thief used stolen iPhones to rob $2 million

A convicted thief has revealed how he would trick owners into giving him their iPhone passcode — and then how he could steal their life savings.
Following Apple's launch of Stolen Device Protection, thief Aaron Johnson has revealed how vulnerable iPhones are — and still can be. Now serving up to eight years in the Minnesota Correctional Facility, Johnson talked to the Wall Street Journal about what he did, and what iPhone owners can do to avoid theft.

"I'm already serving time. I just feel like I should try to be on the other end of things and try to help people," said Johnson, who also explained how he began stealing. "I was homeless. Started having kids and needed money."

"I couldn't really find a job," he continued. "So that's just what I did." He then moved into stealing iPhones — sometimes Android but usually higher-value iPhones — after realizing how far a passcode could let him into the phone.

"That passcode is the devil," he said. "It could be God sometimes — or it could be the devil."


In late night bars, Johnson says he would typically target college-aged men because women were more alert to suspicious behavior, but the men are "already drunk and don't know what's going on for real."

He would talk with them, sometimes offering drugs, sometimes claiming to be a rapper who wanted to add them on Snapchat. The victim would hand over their iPhone, expecting Johnson to tap in his phone number and hand it right back.

"I say, 'Hey, your phone is locked. What's the passcode?'" explains Johnson. "They say, '2-3-4-5-6,' or something. And then I just remember it."

Johnson would then leave with the phone, or slip it to one of a series of co-conspirators, around 11 of whom were later arrested.

Having the iPhone and its passcode, Johnson would change the Apple ID password, and use the new one to disable Find My iPhone.

Until he did that, a victim could track and erase the iPhone, but Johnson says he was quick, "faster than you could say supercalifragilisticexpialidocious."

"You gotta beat the mice to the cheese," he explains.



More at [appleinsider.com]






I am that Masked Man.

All you can do, is all you can do.

There’s trouble — it's time to play the sound of my people.

Your boos mean nothing to me, I've seen what you cheer for.

Insisting on your rights without acknowledging your responsibilities isn’t freedom, it’s adolescence.

I've been to the edge of the map, and there be monsters.

We are a government of laws, not men.

Everybody counts or nobody counts.

When a good man is hurt,
all who would be called good
must suffer with him.

At the going down of the sun and in the morning
We will remember them.

You and I have memories longer than the road that stretches out ahead.

There is no safety for honest men except
by believing all possible evil of evil men.

We don’t do focus groups. They just ensure that you don’t offend anyone, and produce bland inoffensive products. —Sir Jonathan Ive

An armed society is a polite society.
And hope is a lousy defense.

You make me pull, I'll put you down.

I *love* SIGs. It's Glocks I hate.
Options:  Reply • Quote
Stolen Device Protection
Posted by: RAMd®d
Date: December 20, 2023 07:02AM
I wasn't familiar with this feature, so here's a bit about it:

With Stolen Device Protection active, users won't be able to change critical portions of their Apple ID or device settings without waiting an hour and authenticating biometrics twice. Theoretically, a theft victim would notice their device has gone missing within the hour window, allowing them to set the iPhone to Lost Mode and stopping device access or account changes from being possible.

Since users won't be able to rely on the passcode fallback option, biometrics will be required for various actions with Stolen Device Protection enabled.

More at [appleinsider.com]






I am that Masked Man.

All you can do, is all you can do.

There’s trouble — it's time to play the sound of my people.

Your boos mean nothing to me, I've seen what you cheer for.

Insisting on your rights without acknowledging your responsibilities isn’t freedom, it’s adolescence.

I've been to the edge of the map, and there be monsters.

We are a government of laws, not men.

Everybody counts or nobody counts.

When a good man is hurt,
all who would be called good
must suffer with him.

At the going down of the sun and in the morning
We will remember them.

You and I have memories longer than the road that stretches out ahead.

There is no safety for honest men except
by believing all possible evil of evil men.

We don’t do focus groups. They just ensure that you don’t offend anyone, and produce bland inoffensive products. —Sir Jonathan Ive

An armed society is a polite society.
And hope is a lousy defense.

You make me pull, I'll put you down.

I *love* SIGs. It's Glocks I hate.




Edited 1 time(s). Last edit at 12/20/2023 07:03AM by RAMd®d.
Options:  Reply • Quote
Re: How a brazen passcode thief used stolen iPhones to rob $2 million
Posted by: Tiangou
Date: December 20, 2023 07:56AM
Protection against thieves changing your password:
[support.apple.com]

Note the caveats! Don’t lose that recovery key!



Options:  Reply • Quote
Re: How a brazen passcode thief used stolen iPhones to rob $2 million
Posted by: pdq
Date: December 20, 2023 08:55AM
Huh. I was wondering why Apple took so long to confirm my new recovery contact.

Now I know.
Options:  Reply • Quote
Re: How a brazen passcode thief used stolen iPhones to rob $2 million
Posted by: mattkime
Date: December 21, 2023 12:36PM
I can't believe people would hand someone their wallet which happens to be their phone but people do stupid things all the time.



Options:  Reply • Quote
Re: How a brazen passcode thief used stolen iPhones to rob $2 million
Posted by: raz
Date: December 21, 2023 03:28PM
Happens all the time. (Open contacts ) “Here’s my phone. Type your name and phone number”



--------------

Embarassing myself on the Internet since 1978.
Options:  Reply • Quote
Re: How a brazen passcode thief used stolen iPhones to rob $2 million
Posted by: wurm
Date: December 21, 2023 06:01PM
I can't remember the last time I asked someone for a phone number, or someone asked for mine. Either way, I'd write it on a piece of paper or my hand or something, mostly because it's usually a pita to open Contacts and enter it on my phone at the moment.
Options:  Reply • Quote
Re: How a brazen passcode thief used stolen iPhones to rob $2 million
Posted by: RAMd®d
Date: December 21, 2023 11:44PM
I've seen one anecdote about a kid who told someone that he needed to call his mom and phone was dead or something.

She let his use her phone and he managed to get $300 from her Venmo account.

I don't know if it art imitates life or the other way round, but TV and probably movies put for the trope of Hot Girl saying 'Give me your phone' and she enters her digits.

As if.

Of course, there appears to be no lock on the phone as the Object of Her Affection hands it over without appearing to unlock it in any manner.

I lent my phone to a friend so he could make a call to his boss because he left his 'Phone at home.

Afterward, he made a subsequent call to someone else in a degree of privacy.

Assuming I'd check the number, he erased my entire Recents log because he didn't know how to delete one call, and I didn't notice until later when I want to check it for a call I got.

That's the only time anyone but Apple handled my 'Phone unlocked.






I am that Masked Man.

All you can do, is all you can do.

There’s trouble — it's time to play the sound of my people.

Your boos mean nothing to me, I've seen what you cheer for.

Insisting on your rights without acknowledging your responsibilities isn’t freedom, it’s adolescence.

I've been to the edge of the map, and there be monsters.

We are a government of laws, not men.

Everybody counts or nobody counts.

When a good man is hurt,
all who would be called good
must suffer with him.

At the going down of the sun and in the morning
We will remember them.

You and I have memories longer than the road that stretches out ahead.

There is no safety for honest men except
by believing all possible evil of evil men.

We don’t do focus groups. They just ensure that you don’t offend anyone, and produce bland inoffensive products. —Sir Jonathan Ive

An armed society is a polite society.
And hope is a lousy defense.

You make me pull, I'll put you down.

I *love* SIGs. It's Glocks I hate.
Options:  Reply • Quote
Re: How a brazen passcode thief used stolen iPhones to rob $2 million
Posted by: ADent
Date: December 22, 2023 02:16AM
I feel safe as all the good stuff on my phone is behind biometics.

But this thief was adding his face to FaceID - boom the keys to the kingdom. Damn.
Options:  Reply • Quote
Re: Stolen Device Protection
Posted by: Phy
Date: February 04, 2024 12:48AM
I need help!
I enabled Stolen Device Protection and now facial recognition won't work and I am unable to get the phone to recognize me using Reset Facew ID link.
Is there a workaround? I want to ditch that setting!



"Out of the quarrel with others we make rhetoric; out of the quarrel with ourselves we make poetry." -William Butler Yeats
Options:  Reply • Quote
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 751
Record Number of Users: 186 on February 20, 2020
Record Number of Guests: 5122 on October 03, 2020