If the question is asking for the Apple account information, then the most obvious answer is they will use it to access the mark’s Apple accounts. Then use that to buy gift cards to pay the IRS, or whatever it is that scammers do. Apple accounts often have active payment details loaded, so it is not necessary to enter a credit card for every purchase, just the password.
But, that’s not what the OP said.
He said the message asked him if he could remove “Find my iPhone.”
That’s not going to give anyone access to anything, other than the phone.
“… or give me the passcode to unlock it?”
Obviously I don’t know what was the real intent of the request. But if it were a scammer blasting out several thousand requests to known email addresses, and ten percent responded honestly, he (I’m presuming he) would have several hundred valid email/passcode combinations which could be used to attempt access to other accounts.
Or maybe I’m just paranoid. In any case, it’s a request that would go straight to the proverbial bit bucket.
Exactly. I’m very strongly inclined to do nothing, but there’s several things going through my mind:
- It’s legit. The guy bought an old phone of mine off eBay, which I had loaned to a friend and it wasn’t returned. (I’m checking with this friend but it may take a week or so to get a response. But I fully expect it to be an honest response, like, “OMG! I got your loaner phone and my old phone mixed up!”) Also, the phone was an iPhone 6, not 6S. Not right, but pretty close.
If that’s true, I still don’t see how he would have gotten my true name and contact info from a locked phone. First, how? Second, the phone had a bogus name and email address not linked to my real iTunes/Apple account. And he said he thought the phone was my wife’s… in fact I named the phone for my cat. My female cat.
- It’s a scam. He got my name and contact info from a data breach or something, and it’s just phishing. But sure seems like a lot of work for a shot in the dark, and as I said, some of the details are vaguely in the ballpark. But he’s also asking for stuff that I don’t see as particularly helpful. Turning off Find My iPhone lets him resell a phone if he has it. The passcode gives him no access to my Apple account as far as I can tell, if he doesn’t have the phone.
It could be a long con where it leads to more questions, but geez - that’s a lot of work for a scammer. But sure, I could see that there’s one in a million malign actors that would essentially try to spearphish me in such a manner.
So this all isn’t quite adding up to me one way or another, as I’m mostly curious as to what the guy hopes to gain if it isn’t legit. Right now I’m just going to wait to hear back from my friend if they still have the phone after accidentally keeping it from their visit.
No, he asked for the OP to remove find my phone OR for his passcode. I don’t know what it takes to log into iTunes, but I’ll be willing to bet that if that no matter what they OP responds with, as long as it appears he’s trying to work with them, the next questions will be attempting to get some more info. Either an email address or iCloud password.
As I mentioned earlier, once the person has control of the OP’s iCloud account, he can do a lot of damage.
The passcode to unlock an iPhone does exactly that - unless you are re-using a 4-or-6 digit number as a password somewhere else (which would be dumb).
So, I don’t see the point in asking for the passcode unless you had the actual phone in your possession. But, i would still not give the passcode out - I would just wipe the phone remotely, and turn off “Find my iPhone.”
Wha? The dude said he has a 6s Plus, you had a 6. That makes this incident completely not legit.
The only thing you know this dude has done is connect your name to your phone number. That is trivial. He knows you are an Apple user. Guessing you once used a 6s isn’t that impressive even if it were correct—and it isn’t! Adding the patter about a wife is just classic cold reading technique.
All the reasons given for what they could be up to (guessing that the passcode is reused somewhere else, trying to open the door to you giving more info) seem plausible enough.
The thing that doesn’t quite fit is if this is a real person interacting with you then it is hard to understand the time investment. Why not do a Turing test?
The phone might give access to a WHOLE lot of stuff, especially if it has not been wiped. There might even be ways of recovering data once it has been reset - googling gets LOTS of hits, but I don’t recognize any of the sites, so I imagine they are targeted at people who, well, have not paid for the phones they are attempting to recover.
It gives you access to the former owner’s address book and email with all sorts of scam / phishing opportunities following on. Want to get into their bank account? Just try a bunch of well known organizations, and click the “I forgot my password” link. If the password reset link just goes to the email, then the scammer now owns that account. If it prompts for mom’s maiden name? Look for similar names in the address book and give one a try, or look up the person’s Facebook relatives.
I don’t know how you would brick a phone that no longer is registered to an active carrier. It sounds like it is no longer listed on the OP’s iCloud account; if that’s incorrect, maybe you can brick it from there.
The only interaction I’d suggest the OP do with this person is “I’m afraid I have never sold a phone on eBay. If you have purchased a phone and believe that it is one that belonged to me, then the phone is stolen. I recommend you file a complaint with eBay and the owner and try to get your money back.”.
There do appear to be ways to bypass the passcode lock, e.g. this article.. Whether that technique would be sufficient for a thief to learn enough to contact the OP, I don’t know.
Actually, none of that is true.
Turning off “Find my iPhone” merely allows the possessor to set up the phone as a “new” iPhone.
It does not give them the unlock code for the phone.
So, the correct order of operations (if you want to allow the possessor to use the phone) is to:
- Wipe the phone remotely.
- Turn off “Find my iPhone”
- Remove the iPhone from your list of iDevices in iCloud.
Ah - but per the original message from the OP: "Is there any way you could either remove Find My iPhone, or give me the passcode to unlock it? "
If the OP were to give the passcode without wiping it, then the person with the phone could get in and commit some mischief.
Wiping the phone is the real key here, as you noted. But I don’t think the OP wants this person to use the phone (if the person actually has the OP’s phone).
The one time we had to deal with a stolen iPhone (my husband’s - snatched out of his hand on the Metro) we had the phone company brick it within an hour and then I guess we did the wipe etc. via iCloud. When we sent my daughter’s iPhone in for an insurance replacement, I do know we had to turn off “find my iphone” when we returned the old one.
So, assuming the aim here is to 1) prevent a thief from using the phone (if he even has the OP’s phone), and 2) protect any info the OP has on the phone, what can the OP do given that the phone may not be currently on any iCloud account?
Not a lot of work split over however many thousands or millions of marks. There’s no reason the followup responses can’t be automated.
I expect that this is a scam, and that what would happen if you respond to the scammer is that they’d try to to access something that results in a short-term access control code to be sent to your phone, then ask you to copy that code to them, hoping that you are unfamiliar enough with security procedures or credulous enough to send it on.
Something like: “Hey, thanks! I can almost set it up now, but it says that there’s a security code I need. Did you just get a text message with a code?”
And then they got you.
You should be extremely wary of interacting with anyone that you think might be a scammer. Unless you are a security professional, it’s very unlikely that you can analyze the threat as well as they can, and very easy to expose additional information they need without realizing it.
Wait… What? 
Why?
Or, 3. It’s this ‘friend’ who stole your phone and is trying to get it to work. That’s how they know your real name and stuff. Just a thought.
I’d report it stolen and give the message to the coppers to follow up. About the same as hitting the Delete button.
I don’t understand what you are questioning. Why I have a spare phone? Why I loan it to house guests? Why I’m not worried that I didn’t get it back?
The main reason I came back to this thread is to provide an update: the phone in question is securely in my friend’s hands, hasn’t been turned on in weeks, and will be returned in due course.
Which would clearly eliminate the possibility that the guy got my info from an actual phone, so maybe it was part of some data breach or something. Case mostly closed, I guess.
If you loan something to your friend that you don’t particularly care about that much, and it doesn’t get returned promptly, do you call the police?
I would not imagine calling the cops on a friend of mine for such a trivial issue until I speak to them first. It strikes me as an extreme overreaction.
The part I don’t get is: someone says they have a phone they clearly shouldn’t have, and want you to make it work for them. Why would anyone consider this for a second? Like does this ever work?
As I have said several times, my main questions are how he may have gotten my contact info and what sort of scam this may be.
My question wasn’t so much to you, it was - how the hell does this scam work? “I have your phone, gimme the code to make it work” I can’t see anyone going: “oh, sure”.