Profile picture
Ben Darlow @kapowaz
, 15 tweets, 5 min read Read on Twitter
My wife’s iPhone X was snatched out of her hand in Clerkenwell just over a week ago. It obviously immediately went offline and wasn’t trackable, so we put it in Lost Mode with my mobile number.
It was insured, so we began the process of sorting it out, buying a replacement phone whilst we waited for the insurers to deal with it. A police report was filed, and replacement SIM issued.
Tonight, I received a text message telling me that the stolen iPhone had been found, listing the IMEI number and to log in to check its location.
At first I tried to log in, but for some reason it wasn’t auto-populating the saved password. I manually tried entering my wife’s password but that didn’t work either.
Then I remembered that early last week she’d mistaken received an SMS from Quiqup meant for their rider fleet, which I was curious about, so I’d logged into Find My iPhone just in case. Seeing this login attempt, she changed her password quickly.
I didn’t know the new password, so I wasn’t able to log in, and so I waited for her to come home. In the meantime I received the second message you can see in the screenshot above, so I opened the link again. This time I got an SSL error with the site. Weird.
Only then did I notice the domain name not being apple.com. I tried hitting the site on my laptop and it redirected me to iCloud.com. Weird. I tried visiting the exact URL and it took me to this sophisticated — but plainly fraudulent — phishing site.
Not longer later my wife came home, and found she had a real message on her Apple Watch about her phone being online (it was still paired to the old phone), so we logged into iCloud.com (with her new password).
Since the phone had to have been online in order for them to get my number from the Lost Mode screen, it was able to briefly ping its location back to Apple, revealing it was now in a town called Baufarik, in Algeria.
As far as I can tell, this building at the T-junction in the middle of this photo is where it was last. Maybe one day I’ll visit it.
No chance of getting it back now, though, so only one thing left to do.
I like to think of myself as relatively clued-up on the various social engineering scams out there, but this one completely blind-sided me, because obviously being shaken up by the theft made me vulnerable.
The stolen iPhone had 2FA enabled, but even so, if it hadn’t been for @quiqup’s gaffe last week, I’d have given away the *real* password to my wife’s iCloud account. Who knows what headaches that could have caused.
So, in summary: if you have your iPhone stolen, be extremely wary of messages about your phone having been found. If in any doubt, visit iCloud.com directly in your browser!
Update:
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Ben Darlow
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @kapowaz see all

Profile picture
In the early 90s I really hated Man Utd. Even as an obviously fantastic keeper it was hard to give Peter Schmeichel more than begrudging respect. Then on April 8th 1996, David Busst horrifically broke his leg in a tackle at Old Trafford. #90sLegendDay
I’ll never forget how the players reacted to that injury. Everyone stopped in their tracks and made helping poor Bussty their only priority. Peter himself was sick on the byline, visibly traumatised by the terrible leg break. #90sLegendDay
Something about the sight of these players reacting this way changed how I saw them. They weren’t just abstract opponents any more; instead they were just human beings, genuinely concerned for one of their own, and in particular I was moved by Schmeichel. #90sLegendDay
Read 4 tweets
Profile picture
My TODO list for pre-baby arrival is starting to resemble the pre-wedding checklist, only with just a week to do it, and a sort of Tower of Hanoi space-juggling puzzle dimension, plus intense physical labour.

👶🏻🗓 D –11
Flat pack furniture is like Lego with all the fun surgically removed.

And lots of polystyrene.
☑️ Built a chest of drawers/changing table
☑️ Built a wooden toy chest
☑️ Put my Eames chair into longterm storage (😭)
☑️ Installed a carbon monoxide alarm

👶🏻🗓 D –9
Read 5 tweets
Profile picture
2018 has not been a good year for the @districtline so far, but today’s debacle at Richmond really takes the biscuit.
@districtline District line trains can arrive on platforms 5, 6 and 7. The latter two are adjecent, but frequently the boards will report a train departing from 5, then switch to 6 or 7 (or vice versa)
@districtline I’ve asked station staff previously and they say they have no idea what platform a train is arriving into until it pulls in, at which point they correct the boards. But by then there’s usually a few hundred people stood along the length of the platform.
Read 8 tweets

Related threads

Profile picture
Over a week ago I asked Bernie Sanders' office for comment. No response.

Vermont’s Only Black Woman Lawmaker Dropped Her Reelection Bid Because Of Racist Threats. Progressives Say The State Needs ''Introspection.'' buzzfeed.com/rubycramer/kia…
Kramer's piece cites this about Sanders on Morris.
But Sanders' office released a statement a few days later.
Read 4 tweets
Profile picture
Does AUSA Moira Kim Penza, prosecutor in the fed. #NXIVM #RICO criminal racketeering case, realize that her indictments of #NXIVM leader, Keith Raniere aka "Vanguard," last March, may have affected the outcome of the 2018 Mexican Presidential Election? #ArizonaMafia #Democrats
Moira Kim Penza is 1 of the main prosecutors in the federal #NXIVM #RICO criminal case. A #RICO case is very serious; it is 1 of the most complex types of prosecutions the U.S. Government can initiate. Moira's boss is Richard P. Donoghue, U.S. Atty for the Eastern District of NY.
Penza is a smart lawyer. According to publicly available information, she studied at Cornell Law School, a private Ivy League University located in Ithaca, New York. Cornell was ranked the #13 law school in America, out of 203 law schools, by U.S. News & World Report, in 2018.
Read 117 tweets
Profile picture
Over a week ago, I went to a #FamiliesBelongTogetherMarch in North Carolina and I'm 99 percent certain two young, white people there were white supremacists surveilling communities of color. Which I'm sure sounds totally nutty to some of you.
A young white man with a shaved head, without any press credentials, had a professional camera and he was filming the speakers and laughing when they talked about children in cages.
He kept making eye contact, but never verbally communicating, with a young white girl who was at the march alone. When we marched to the second location, she was taking pictures not of what was happening on stage, but of immigrant mothers in the audience and protestors of color.
Read 14 tweets
Profile picture
PSA: Be alert and aware when using your phones. I had my iPhone X literally snatched out of my hand in a nice part of San Francisco (Lower Haight) two blocks from my house. Same thing happened to @PranavDixit () and nearly happened to @miekd last week.
iPhone theft was growing in SF (and elsewhere) until Apple made it more difficult to use stolen devices by adding Activation Lock (AL) in iOS 7. AL forces you to sign in with your iCloud account (even on reformatted devices) to disable Find My iPhone before the device is usable
For the most part, AL works great and led to a significant reduction in iPhone theft since the difficulty and therefore the cost to the thief went up considerably. Making nefarious acts economically unfeasible is one of the best ways to reduce them. This changed recently.
Read 17 tweets
Profile picture
Remember how my iPhone got stolen by bikers who snatched it from my hand last week? I have reason to believe that the thieves are now trying to get me to reveal my iCloud password to reset it using an ingenious scam. It's useless to them without the iCloud password (thread)
So when my iPhone got stolen, I put it into Lost Mode using Find My iPhone via iCloud, and put in my wife's number as a number to get in touch with to display on the screen, in case a kind soul found it. This is an SMS she got today.
The link in that SMS leads to a page that looks...quite similar to Apple's own Find My iPhone page. Here's the fake page on the left and Apple's real page on the right for comparison.
Read 10 tweets
Profile picture
1. Catching up on #Q post analyses: #QAnon had mentioned a reference to Deep Dream on Feb 18. Looking into it took time because it took 96 hours to process my 90 second video

from this:

into this: - rather devilish!
2. It turns out that #QAnon had confirmed to us then that

DEEP DREAM= TWITTER, & that it was related to the sudden loss of twitter followers that many of us had suddenly sustained very shortly after #Q's post. But what @Snowden had to do with it was a matter of much speculation
3. So, since then, #QAnon posted last Sat an interesting bit:

"Projection.<-----------------------------Attribution of blame outward
Russia>D/HRC<------------------------We're supposed to think not DNC
Twitter Bots>GOOG operated (not Russia)/Narrative & Political <-Google!
#Q
Read 17 tweets

Trending hashtags

#Russia #suicided #MMT #WellsFargo #NotTrue #China #MexicoCity #ElectionObservers #entrepreneurs #NXIVM #socialismo #dictatura #games #linux #SiliconValley #electronians #FARA #gunviolence #publichealthissue #internet #technology #AfricanElections #SetLagosFree #jtbd #TRUMP

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!