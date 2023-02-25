



A detailed report published today by The Wall Street Journal’s Joanna Stern and Nicole Nguyen highlights cases of thieves stealing victims’ iPhone passcodes and stealing devices to gain access to devices, data and money. .

All interviewed victims said their iPhones were stolen while they were socializing in bars or other public places at night. Some victims say a stranger snatched her iPhone from her hands, while others say she was assaulted and threatened. The report provides concrete examples of these instances.

If a thief knows the iPhone’s passcode, they can easily reset the victim’s Apple ID password in the Settings app, even if Face ID or Touch ID is enabled. The thief can then turn off her Find My iPhone on the device to prevent the device owner from tracking its location or erasing the device remotely via iCloud. The thief can also remove her other trusted Apple devices from her account to further lock out the victim.

Thieves can also change Apple ID contact information and set recovery keys to prevent victims from recovering their accounts.

Worse, thieves can use Apple Pay, send Apple Cash, or access banking apps using passwords stored in iCloud Keychain if they know your iPhone’s passcode. can. Even if her iPhone has Face ID or Touch ID enabled, the thief can easily circumvent these authentication methods and will be presented with the option to enter the device’s passcode. In some cases, the thief found the last four digits of the victim’s Social Security number in photos stored in Photos or her Google Drive and other apps, and opened the Apple card, the report claims.

Accessing other passwords stored in iCloud Keychain can wreak even more havoc as thieves gain access to email accounts and other sensitive information. Overall, the report states that thieves can essentially “steal your entire digital life.”

Apple’s response

In response to the report, an Apple spokesperson said, “Security researchers agree the iPhone is the most secure consumer mobile device, and we protect all users from emerging threats.” We work relentlessly every day to protect against.”

“We sympathize with users who have gone through experiences like this and take all attacks on our users very seriously.” Apple hasn’t provided specific details about its next steps to improve security.

In his tweet, Stern recommended that Apple add additional protections to iOS and introduce additional Apple ID account recovery options.

How to stay protected

In a tweet, Stern recommended that users switch from 4-digit passcodes to alphanumeric passcodes.This is in the Settings app[Face ID とパスコードの変更]You can do it with your passcode.

iPhone users can also use Face ID or Touch ID whenever possible in public to prevent thieves from spying on your passcode. In situations where passcode entry is required, the user can hold their hand over the screen to hide the passcode entry.

To protect your bank account, consider storing your passwords in a password manager that doesn’t require a device passcode, like 1Password.

