So, your iPhone was stolen. You’re sad, obviously, but must move on, so you file an insurance claim and get a new phone. Some time later, you start receiving worrying texts from a stranger, who claims they’ve bought your stolen iPhone and now have access to everything you saved to it. They say they have your messages, saved credit cards, passwords, even your SIM, so they intercept all your phone calls.
This stranger doesn’t want anything from you, however. No, they’re simply a good samaritan, warning you that this iPhone with all your personal identifying information is about to be sold on the black market, and that the smart move would be to remove it from your Apple ID. Then, you can erase the phone, and not have to fear your data falling into the wrong hands. They may even include instructions on how to remove the phone from your account, just in case you aren’t sure how.
If you ever find yourself in this position, do not do this. This person isn’t looking out for you, and your personal data is not in jeopardy: This is a scam. In fact, the reason they are desperate for you to remove your iPhone from Find My is because Apple’s security feature is working too well. Here’s what’s going on.
How scammers use Find My against you
When you set up Find My on your iPhone, it doesn’t just let you locate your phone in the event you lose it. This feature also automatically enables a security feature known as Activation Lock, which binds your iPhone to your Apple ID username and password. Activation Lock cannot be undone by a factory reset: Even if thieves erase your iPhone, they will not be able to set it up without providing your Apple ID credentials first.
It’s one of Apple’s best security features, and it ensures a stolen iPhone is worth about as much as a fashionable paperweight. Thieves aren’t getting in without either your iPhone’s passcode or your Apple ID credentials, which is why they need you to remove your iPhone from Find My: It’s the only way to disable Activation Lock. Once you do, they’re free to factory reset the phone and set it up with their own account.
As long as you keep that iPhone tied to your Apple ID, no one is getting in. Don’t listen to aggressive scammers who lie about having access to your personal information: Likely the only reason they have access to your phone number is because you enabled Lost Mode, and possibly displayed your number on-screen as a way for someone to get in touch with you if they find your iPhone.
A locked iPhone isn’t impervious
Now, I don’t want to give off the impression that an iPhone with Activation Lock is impenetrable. It’s perfect against thieves who randomly steal your iPhone, but not all thieves are random. Some are smart, and watch for you to enter your passcode before snatching your iPhone. If they know your passcode, not only can they unlock your iPhone, they can reset your Apple ID credentials as well, locking you out of your own Apple account.
In addition to Activation Lock, you should set up Stolen Device Protection on your iPhone as well. With it, iOS requires a Face ID or Touch ID scan when accessing passwords and passkeys. Following this scan, for certain features, iOS puts a one-hour delay on any major changes when using the iPhone in an “unfamiliar location.” After that time is up, you’ll need to authenticate again. In short, Stolen Device Protection keeps your iPhone safe from thieves that know your passcode, while Activation Lock protects against forced erasure.
Look, keeping a stolen iPhone on Activation Lock doesn’t guarantee you’ll get it back. In fact, if that iPhone was taken to another country, you’ll likely never see it again. But why let the thieves get away with it? Keep that iPhone on your Find My, and let them stare at their expensive, useless bounty.