A new scam to extort money out of Apple mobile device users has surfaced in Australia, with scattered reports in other countries as well. Affected devices are locked via Apple’s own “Find My iPhone” platform and display a message demanding a ransom payment of $100 USD to unlock the phone. Security analysts are not yet sure how the perpetrators are gaining access to victims’ Apple ID accounts, and so far Apple is refusing to comment on the issue. According to posts on Apple’s Support Forums, the only reliable way to unlock the device is to reset it to factory settings and restore your data from a backup, if one was actually created and maintained for that device.
What this means for you:
So far, there is a tenuous link between some of the victims and the recent eBay hack that exposed user accounts and encrypted passwords: those victims admitted to using the same password for both eBay and iCloud. However, several other victims of this new ransom scam did not reuse their eBay password, so eBay’s exposed data may not be the only source. Bottom line: you should use strong, unique passwords for online accounts, especially for the ones tied to important services like online banking, email and any account that has access to confidential data, whether yours or your clients’ or customers’.