User profile for user: justixia
justixia Author
User level: Level 1
12 points

Possible hack on Icloud accounts URGENT!

Hi. At the time of writing I just experienced 2 Lost Mode hack phishing attack.


Last night unexpectedly my iphone 7 ios 10.3.2 went on Lockscreen with a lost mode code and a write to: ******** and no way of bypass this screen. Once the device was connected on itunes it gave me a locked account. I obviously rushed in restoring and setting a new password and on the email connected to the Apple Id and forced to a restore which is always very annoying..


Sadly this morning while talking to the Apple customer centre to report it and understanding I was asked how many Apple devices are using such ID and I thought of my Ipad pro which I did not turn on at all last night..


Bang! even the ipad device had such lock and the support tried to share the view unsuccesfully ( of course..) Although he took notice He failed to tell me that the problem may be ( or surely is ) the icloud accounts especially those who got the find my iphone ON . Im not browsing unlegit or playing with my phone and tablet ..both work devices and I was scared my old macbook could be also affected and lucky for me it was not.


Be aware and change all password relate to icloud this exploit MUST be taken into account for urgent FIX asap.. Very disappointed as I never EVeR had such issue on the so called UNsafe devices ( Android )


Admin please delete the 2nd message on the iphone accessories as I can't move or delete the post..

<Email Edited by Host>

Posted on Jul 23, 2017 6:43 AM

Reply
8 replies
User profile for user: Saifan Pilot
Saifan Pilot
User level: Level 6
8,747 points

Jul 23, 2017 7:38 PM in response to bouncinballs

These are scams and should be ignored


1. Identify and report phishing emails and other suspicious messages: https://support.apple.com/en-us/HT204759

2. Annual Reminder- Watch out for email Phishing Scams: https://blog.macsales.com/40094-an-annual-reminder-watch-out-for-phishing-scams? utm_source=xlr8yourmac

3. Identifying fraudulent "phishing" email: https://support.apple.com/en-us/HT204759

4. Beware of Browser Pop-Up Tech Support, Phishing Scams: http://blog.macsales.com/29155-beware-of-browser-pop-up-tech-support-phishing-sc ams

5. Phishing & Other Suspicious Emails: http://www.apple.com/legal/more-resources/phishing/

6. Avoid phishing emails, fake 'virus' alerts, phony support calls, & other scams: https://support.apple.com/en-us/HT204759



● If you receive what you believe to be a phishing email that's designed to look like it’s from Apple, please send it to reportphishing@apple.com.

● To report spam or other suspicious emails that you receive in your iCloud.com, me.com, or mac.com Inbox, please send them to abuse@icloud.com.

● To report spam or other suspicious messages that you receive through iMessage, tap Report Junk under the message, or take a screenshot on your iPhone, iPad, iPod touch, or Mac and send it to imessage.spam@apple.com.

● If you receive a suspicious message about your purchase activity in the iTunes Store, App Store, or iBooks Store, contact iTunes Support.

Reply
User profile for user: Michael Black
Michael Black
User level: Level 10
80,635 points

Jul 24, 2017 6:02 AM in response to CurvyFiddle

Your post indicates your AppleID you use with iCloud was compromised. That does not indicate anything wrong with iOS or your device. Your AppleID is the key to the kingdom of all accounts you have with Apple. If it is compromised, yes, the person with your password can lock your devices, charge purchases to your account, read your iCloud email, etc.


You need to secure your AppleID - If you think your Apple ID has been compromised - Apple Support

Reply
User profile for user: justixia
justixia Author
User level: Level 1
12 points

Jul 23, 2017 11:10 PM in response to bouncinballs

Like I wrote in another similar thread: You need to Restore your devices Im afraid..just like I did.


We are all aware of the Phishing scam problems BUT this is NOT one, I mean is not spreading through opening an email because in my case it did not happen at all, I use gmail app andI have NO phishing email open ,I have a serious filter andd I know what t o do in case of phishing attempt, This must be some else , I did report the happen to Apple and by talking to the Support.


Come on ..the usual 'Textbook' answer..someone was able to steal Apple ID's and acting through Icloud Find my Phone..is not rocket science, or are we all become stupid not to know how to handle a phishing email, and in that case how an email can change you Apple ID and put it on Lost mode? the procedure is quite long...

Reply
User profile for user: CurvyFiddle
CurvyFiddle
User level: Level 1
4 points

Jul 25, 2017 6:30 AM in response to justixia

This happened to me last night /today. Woke to find please authenticate messages on my iPad and iPhone - they'd been switched to Find my Phone mode and reported lost.

Disallowed and checked emails from Apple (below). Rescued my iPhone and iPad by logging into apple ID and changing password - but my 5 year old iMac pro has been locked and a pin added and the same email address suggested to unlock it

mailto: *****@gmx.com


Was emailed by Apple

Lost Mode enabled on x's iPhone.
This device was put into Lost Mode at 12:02 PM PDT on July 23, 2017.
Use Find My iPhone on an iOS device or visit icloud.com/find on a Mac or PC to take additional action.


And then this (identifying details removed for privacy)


x’s iPhone was found near [home address] Australia at 12:02 PM PDT.
Your iPhone’s last reported location will be available for 24 hours.


then this

DearX

Your Apple ID was used to sign in to iCloud via a web browser.

Date and Time: July 23, 2017, 12:02 PM PDT

Operating System: Windows

If the information above looks familiar, you can disregard this email.

If you have not signed in to iCloud recently and believe someone may have accessed your account, go to Apple ID (https://appleid.apple.com) and change your password as soon as possible.

Apple Support


Phoned Apple and they won't unlock without proof of purchase. Don't have receipt but still have both the box it came in and the carry bag I bought at the time....and the iMac clearly shows in my Apple ID screen......


urgghh......

<Email Edited by Host>

Reply
User profile for user: Michael Black
Michael Black
User level: Level 10
80,635 points

Jul 31, 2017 12:31 PM in response to CurvyFiddle

CurvyFiddle wrote:


I understand that the Apple ID has been compromised and have followed all the instructions...it however hasn't yet achieved getting my iMac unlocked.....and Apple Support is 'bring your proof of purchase to the Apple Store'. It's five years old. Ironically, though I don't still have the invoice/receipt...I still have the box it came in.

Any chance the receipt is in the box? I keep the boxes too (their handy when moving or if you ever need to ship it) and I just put the receipt in the box.


Do you now have control of your AppleID? Can you login to your account at www.icloud.com and remove the Mac from your list of devices? On a Mac you can also try a PRAM reset (power cycle the Mac while holding down Cmd+opt+P+R) and then restore from a Time Machine Backup or clone an external cloned hard drive back to the internal drive.


Find my Mac is not as secure as find my iPhone or iPad and there are numerous published methods to defeat it. However if you use a firmware password, that may complicate things. Even if find my Mac is defeated, your Account area is still subject to access only with your login password.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Possible hack on Icloud accounts URGENT!

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up