I got an iMessage from a gmail account that looked like an address that a real person might use. It said,
There is like a one in a million shot that this guy got an old iPhone of mine from eBay. I don’t think so, but remotely possible.
So how did this guy get my name and email/phone to send the message? The odd thing is - if he got an old iPhone, it would have been connected to an Apple account “owned” by “George Jetson,” not me, and with an email that’s essentially a dead drop. I can’t figure a way he would get my name/contact info from a locked iPhone anyway.
I’m also intrigued because there is no phishing link, which I would expect in a scam.
Well, I’ve done this…
I bought a phone off of eBay, found out it was locked (after I fixed it enough to get it to power up), and contacted the owner. He said it was stolen from him, and was happy to get it back.
So I’ve never owned an iPhone, but I wonder if turning off Find my iPhone or providing the passcode would compromise your current phones (if you use the same passcode for it).
Let’s see, an anonymous stranger contacts you via email, claims to have your personal property, and is asking for not just personal, but security-related information. Sounds totally legit.
I had a 6, which I used as a phone to loan guests if they visited me here. One neglected to return it recently, which I didn’t really care too much about. It wouldn’t expect this person to lose it or sell it on eBay, but I can’t totally rule that out, which is why I say there’s a one in a million chance this happened. But again, it wouldn’t have my name/email on it.
Yeah, but what’s the angle? That’s what I’m curious about.
That’s what I would do. Delete the message and never think about it again.
On the off chance that that’s the case, I like the idea of having him send a picture of the phone (and, for good measure, the IMEI number). But even still, if the phone still shows up on the OPs iCloud/find my phone, I’d suggest not unlocking it, but erasing it. Even if this is all 100% legit, you still don’t want them on one of your old devices, with all your info still on it.
But I’m going with fake. They probably just picked random numbers and asked for passcodes. With the number and passcode, they can probably get more access through iCloud than you’d like them to have.
Go to iCloud and see how much info you need to get into an account. He already has your phone number and he’s asking for your passcode. Can you get in with just that? If not, the next question will probably be “no, that didn’t work, it’s asking for a password, do you know what the password was on this phone?” or “it’s asking for an email address now”. Once he’s in, he’ll have control over you iCloud account, your current phone (if it’s an iPhone), the ability to buy things, like iTunes gift cards, if you have a credit card attached to the account etc.
Don’t even bother with it (unless you want to string him along for a while). If you really want to do something about it, report it to Apple.
ETA, and maybe change your itunes/icloud password just in case.
If someone borrowed it and did not return it, it’s stolen.
Contact your prepaid provider and see if you can get them to brick it.
When the person borrowed it, did s/he register it under his own iCloud account? You might want to contact the borrower and let him know of the odd request you got. If it was registered to an account associated to your throwaway address, maybe that’s where you need to go to see if it’s registered - and brick it there.
Whether the person contacting you is legit or not, there’s zero benefit to you to engaging the person.
And I’m pretty sure there are ways to get around simple passcode locks, so the person might have done this and gotten just enough info to figure out who owned the phone, and then it’s relatively simple to track you down.
I don’t think there is. Wasn’t that a whole big thing a few years ago when the police confiscated a phone from someone that shot up a mall, but Apple said that not even they could get past the passcode. There’s no backdoor.
I’m confused a bit, did the guy send you a text message or an email? You say he sent you an iMessage, but you’re also asking how did he get your email.
Either way, he claims he has an iPhone 6s Plus, you say you had an iPhone 6. He doesn’t have your phone, apparently.
It’s a scam. One of angles might be to see if you’re the kind of person who will disable security features and send passcodes to strangers without asking questions.
The trick by the scammer is to send out load of these, your email might be harvested from almost anywhere - its simply a matter of chance that the model of phone was one that you have owned.
Others got the same message but the guess of the previous model of phone is likely wrong - fire out enough messages like this and eventually the scammer will hit the right combination with some of their messages, and those where they didn’t are no problem because they won’t ever respond.
There’s a non-zero chance this has nothing to do with a phone. Any phone. Since most people (not excepting yours truly :() are somewhat lazy about reusing passwords/passcodes, anyone who responds to the request has given the scammer a valid email and password combination; then said scammer can use that combo to attack other accounts the respondent may have. And especially since the Equifax attack, I’d be willing to bet there are one or more lists out there linking email addresses to bank and credit accounts.