A scam is currently making headlines in the USA, Europe and Asia, in which Apple users can lose their entire digital existence (see also editorial in Mac & i 2/2023). Criminals are exploiting an attack possibility that is inherent in each of the more than one billion active iPhones. The amazing thing is that Apple itself sees no gaps here.
Specifically, it is about the iPhone PIN, also known as a passcode or code lock – usually a four to six-digit number sequence that allows access to the device. It is queried after every restart and also whenever biometric access forms such as Face ID or Touch ID cannot be used. Every user has come up with such an access code as standard when setting up the device.
- Crooks specifically spy on iPhone PINs, then steal the devices to take over the Apple ID.
- In the worst case, the scam locks users out of their entire digital existence.
- Additional passwords are often attached to the Apple ID.
- Unfortunately, Apple makes the acquisition surprisingly easy.
- At the moment only emergency solutions help. So far, Apple has not announced an update that improves the behavior of iOS.
But what many do not know: With a stolen iPhone and the PIN alone, an attacker can cause far more damage to the victim within minutes than the material loss of the device itself would mean. If the attacker has also spied on the victim’s PIN, he can gain access to numerous functions and options. A central element of this is changing the password for the user’s Apple account, the Apple ID – and almost everything depends on that.
