Your iPhone can become nearly useless to a thief if marked as lost, thanks to Apple’s Activation Lock. This feature turns stolen devices into locked bricks, theoretically reducing phone theft profitability. However, thieves have found devious workarounds.
Research from Infoblox Threat Intel reveals criminals using fake Apple pages, smishing texts, and Telegram-based tools to trick iPhone owners into surrendering their passcodes.
Understanding DNS in Cybercrime
Infoblox Threat Intel tracks cybercriminal activity by studying DNS, the system enabling devices to locate websites. DNS functions like an internet phone directory. By observing suspicious web traffic and patterns, researchers identify fake domains, phishing pages, and broader scam networks.
These scams can feel personal. Thieves might have your phone, sending messages immediately after theft, with fake pages emulating your iPhone’s location on a map.
Why Thieves Target iPhone Users
Cybercriminals use fake Apple pages and texts to acquire passcodes from stolen iPhone owners. Researchers found thieves prioritize resale cash over data. With your passcode, thieves can remove protections, wipe your device, and sell it.
Infoblox discovered Telegram groups offering phone unlocking services. Some target older models, while others gather newer device info for phishing attacks. These tools include “Find My iPhone Off” kits and fake Apple login pages. The cost of entry to this underground trade is low, with unlocking attempts ranging from $5 to $50, averaging below $10.
How iPhone Passcode Scams Operate
Phone owners sometimes use a lock screen message with a contact number when losing an iPhone. Scammers use this number to reach out with texts containing links to fake Apple websites, emulating a moving phone map.
If victims input their PIN, thieves gain control. Scam sites mimic Apple’s Find My system, creating allure to stressed or desperate owners.
Scam Growth and Perpetrator Tactics
Researchers linked over 10,000 domains to unlocking tools and smishing campaigns. Many used Apple-like names. Verified smishing domain traffic rose 350% in 2025 vs. 2024.
Some tools strive to bypass security blocks, submitting fake explanations when flagged by Google Safe Browsing. Criminals not only create fake pages but also ensure they remain accessible long enough to deceive victims.
What the Scam Means to You
If your phone gets stolen, malicious messages may follow. You may be anxious, receiving seemingly helpful messages from “Apple” or “Find My.” Note that Apple never requests passcodes via random text, WhatsApp, or email links.
Strategies to Prevent iPhone Scams
- Keep your passcode secure, avoiding entry on unsolicited sites.
- Access Find My directly through another device or iCloud.
- Suspect urgency, opening rising Apple’s tools instead.
- Enable Activation Lock, by visiting Settings > your name > Find My > Find My iPhone.
- Retain the stolen phone in your Find My and Apple Account.
- Apply strong antivirus software to guard against scam sites.
- Report theft to police and your wireless carrier.
Final Thoughts
Criminals work to involve you in device unlocking, leveraging fake sites, timed texts, and deceptive maps. Therefore, take time to verify sources. Utilize official Find My tools, disregarding requests that compromise security.
AI Investments Gain Momentum Amid Investor Caution 
Highlighted Deals and Product Recommendations 
Meta Data Center Spurs Economic Surge in Richland Parish 
Tesla Faces Investigation After Fatal Automated Driving Incident 
Five Eyes Alliance Warns of AI Threats and Opportunities 
Virginia’s New Electricity Tax Targets Data Centers