NEW DELHI: The Indian Cyber Crime Coordination Centre (I4C), operating under the Union Ministry of Home Affairs (MHA), has issued a nationwide advisory warning iPhone users about a sophisticated cyber fraud campaign that exploits devices reported lost or stolen.
The alert, issued by the National Cybercrime Threat Analytics Unit (NCTAU), a specialised wing of the I4C, describes the scam as a “hybrid cybercrime” that combines physical theft with advanced phishing techniques to gain unauthorised access to victims’ iCloud accounts.
According to the advisory, cybercriminals are specifically targeting individuals who have recently lost their iPhones, capitalising on the anxiety and urgency associated with recovering their devices. Fraudsters reportedly send SMS messages impersonating Apple Support or the “Find My iPhone” service, falsely claiming that the missing device has been located or switched off.
The messages typically urge recipients to take immediate action by clicking on embedded links. However, the links redirect users to counterfeit websites that closely mimic Apple or iCloud login pages.
Victims are then prompted to enter their Apple ID credentials, followed by one-time passwords (OTPs) or two-factor authentication codes sent by Apple. Once these details are obtained, attackers can gain full access to the victim’s iCloud account.
The advisory warns that criminals subsequently remove the Apple ID associated with the stolen device, disable the “Find My iPhone” feature and bypass key security protections. This allows the stolen handset to be resold or reused without restrictions while leaving victims vulnerable to the loss of personal data, financial information and control over their Apple accounts.
Describing the operation as a new and evolving threat, the I4C urged users to remain vigilant and avoid clicking on suspicious links received through SMS, particularly messages originating from unknown or international numbers.
Authorities have advised users to verify website URLs carefully before entering login credentials and to keep two-factor authentication enabled. The use of strong passwords and ensuring that “Find My iPhone” remains active at all times were also recommended.
The advisory further cautioned users against removing devices from their Apple ID without proper verification. In the event of a lost or stolen phone, users have been urged to block the device through the CEIR portal and report phishing attempts immediately through the national cybercrime portal or helpline 1930.
The warning comes amid a surge in phishing attacks and online financial fraud cases across the country, prompting authorities to intensify public awareness efforts and strengthen digital safety measures.
