Having your phone stolen is a nightmare situation that nobody wants to go through. Most devices these days cost a lot of money and whilst we may have insurance to cover the financial costs, it can still be a traumatic experience.

However, for some of those who are unlucky enough to have their phone stolen, this could just be the start of their problems. In this article we’re going to look at a trend that has been steadily growing in popularity, that targets users in order to not only steal their physical device but also the important personal data they have stored on the device.

A new trend in phone theft

It used to be that someone would steal your phone simply in order to re-sell it to a third-party for a quick buck. However, the trend that’s been developing since as far back as 2017 seems to be far more sophisticated.

In these cases, thieves are targeting specific groups of people with ‘high-value’ data on their phones. For the right target, gaining access to their device and/or iCloud account (or Google account for Android) can net the thieves a payday of up to $50,000. So you may be surprised at the lengths they might go to to break into your phone.

But, in order to get the big bucks, the thieves need to know exactly whose phone they have stolen. That’s why the new breed of phone-stealing criminals tend to target events such as conferences where guests will openly display their name and other details (such as position within their company) on a badge around their neck. This makes it easier to pick out a high-value target such as a high-level manager or security adviser, etc.

What happens once they have the phone?

The thieves having the device in their possession is just the start though, as almost all phones nowadays are protected with a PIN code – preventing access to the data within. Therefore, once the phone has been stolen, the next key step is to gain access to the user’s cloud account. For an iPhone, this is namely the iCloud account used to backup the device, for Android this would be Google Drive or similar. Once the hackers/thieves have this, they then have the ability to do the following:

  1. Download a copy of the victim’s device, thus gaining access to any personal data backed up to the cloud.
  2. Disable security features, such Find My iPhone, allowing the devices to be wiped and re-sold as ‘refurbished’.

The way the attackers will do this is through a variety of phishing methods. The idea is to trick the victim into entering their details into a fake website controlled by the hacker at a time when they are most emotionally vulnerable.

A typical phishing attack to watch out for is an email purporting to be from Apple/Google stating “Your lost phone has been located. Click here to login”.

These phishing attempts can happen as little as 2 hours after the device is stolen and could last for at least a month. So it’s easy to see how someone could mistake these fake communications for the real thing. Unfortunately, that’s what the attackers are relying on.

If the details are entered, the phone could then either be sold as a package with the login information to a third-party who will exploit it to their choosing or the attack will be taken further ‘in-house’.

How to help prevent this type of attack

The first thing to mention is the use of something like Find My iPhone. This can be helpful by either showing you the location of, or locking your device, rendering it useless to the attacker. For Android devices you can use Google’s Find My Device or equivalent provided by your device manufacturer.

However, all too often, users aren’t making use of these features until it’s too late. In addition, hackers can use special tools to find out if the feature has been activated and to a true professional, this feature won’t provide much of a deterrent.

That said, Find My iPhone has reportedly reduced iPhone theft by up to 40% in some parts of the US.

Here’s a run-down of what you can do to help prevent this type of attack:

  1. Setup finder apps for your device now rather than later. They can’t help you if you don’t set them up. It’s that simple. If your phone is definitely stolen, try and wipe your data from it as soon as possible.
  2. If your device is lost or stolen, then be wary of any texts that go to your emergency contact number or emails you receive. This could be the thieves/hackers trying to obtain your credentials.
  3. Activate two-factor authentication wherever possible. Even if the attackers get your iCloud details, they would still need to get past the lock screen on your device in order to verify the session.
  4. Use a lock screen! Don’t just let anyone potentially access your data.
  5. Use a strong passcode for your lock screen. Use as many characters as your device will allow. Don’t use something generic, make it impossible for someone to guess your password.
  6. Use biometrics where possible; fingerprints, FaceID, etc. These will add another layer of protection.

This type of attack is just one method that hackers use to gain access to your personal information. There are many other methods, such as installing malicious software directly onto your device. In order to protect your device, click here to check out our range of mobile device security software available for both iOS and Android.