User profile for user: boad123
boad123 Author
User level: Level 1
28 points

"Your iPhone has been compromised"

So last week during Wednesday's night, I was browsing the web on the Google App I installed (not Safari) on my iPhone 7!! And then I accidentally click on a phishing link that read "your iPhone has been compromised" I then freak out and start deleting all my pictures and personal data on my phone. I later believe my iPhone was infected then I start reading on the Apple website that "iPhone's cannot be infected unless their jailbreak" my iPhone isn't jailbroken!!! And that the link I clicked was a scam link. So on Thursday, I install Ios 14. On Monday this week, I later change my Apple ID password but then on Tuesday Night! I go to Settings and check "Passwords" and then it says "13 of my passwords have appeared in a data leak". I 100% KNOW THIS IS RELATED TO THE LINK I CLICKED ON THE PREVIOUS WEDNESDAY NIGHT" I changed all my passwords and deleted the ones I'm not using anymore.


Since Tuesday I haven't touched my phone yet, but I'm so paranoid that the situation is not over. My next opinion is to either go the Apple Store so they can see for themselves or are factory reset my phone or buy a new iPhone. I'm SUPER PARANOID, PLEASE HELP ME!!!


[Re-Titled by Moderator]

Posted on Sep 25, 2020 12:18 PM

Reply
Question marked as Top-ranking reply
User profile for user: Lawrence Finch
Lawrence Finch
User level: Level 10
229,918 points

Posted on Oct 13, 2020 8:15 AM

There are databases of user ids and passwords that have been stolen from businesses and websites. Apple compares passwords that are in the Keychain app on your phone with that list, and tells you about the ones that appear both in Keychain and the list maintained by security teams. To see the list Apple has compiled go to Settings/Passwords and tap on Security Recommendations. If you have received a message telling you that your passwords have been compromised that is a scam; Apple will never send you such a message.


You can check to see if your user IDs and/or passwords have been compromised by going to https://haveibeenpwned.com. You can search for your users IDs, or click on Passwords on the site and see if any of your passwords are on the list.


You can also register with the site to be notified if any new data breaches have compromised the password for any of your email accounts.



View in context

Similar questions

20 replies
User profile for user: Lawrence Finch
Lawrence Finch
User level: Level 10
229,918 points

Oct 13, 2020 8:29 AM in response to Terrabeat

Terrabeat wrote:

Interesting. So even though it's Apple who is telling me about the leaks, you're saying I have to take the odds that not one of the 367 sites that Apple's told me I have a problem with will tell me independently that I've got a problem. I'm sorry. Can't do that.

Businesses are required to tell you if your credentials have been compromised. Some do, but many don’t. And many don’t know they have been compromised. However, if you reuse passwords your account on a site that was not compromised can still be hacked into using that reused password. For example, you log in to Widgets.com with your email address and the password “xyzzy”. Widgets.com was hacked, so your email address and “xyzzy” are now in the hands of criminals. They can now attempt to long in to every bank in the world using your email address and “xyzzy”, and, if they are lucky, they will find your bank where you reused “xyzzy” as your password. As they have computers, they can create scripts to try your email and “xyzzy” on all banks, all businesses, etc until they find one where you reused the password. And the scripts can run through all compromised email addresses and well as compromised passwords, even though there are hundreds of millions of compromised accounts.


The bottom line is that if you reuse passwords you will be hacked; it isn’t a question of “if”, it’s just “when”. One thing you can do to protect yourself is to use 2 factor authentication on all accounts that offer it. Another is to use very strong passwords, meaning at least 12 and preferably 20 random characters. Keychain can generate strong random passwords for you.

Reply
User profile for user: Tex_9455
Tex_9455
User level: Level 1
4 points

Nov 5, 2020 7:35 AM in response to 02-lirpA

Just because a password is listed as breached doesn’t mean that all of your accounts were instantly compromised. It’s merely a flag to alert you potential issues. There’s not a quick fix to this problem, and the process to remove the threat can be tedious but worth it in order to protect yourself from something like identity theft.


You’ll want to identify the most important passwords to change first (banking, Apple ID, etc. ) and come up with unique passwords for them. Upgrade to two-factor authentication if available and store these passwords in a secure location. You can then move on to changing the rest of the passwords or deleting the accounts if necessary. There are also third party apps that may be able to help you manage this or you can reach out to Apple Tech Support (phone or chat) for guidance, questions, or concerns.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

"Your iPhone has been compromised"

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up