Phone pickpocket

iPhone user watches as stolen phone travels from UK to China

Have you ever wondered what happens to your phone if it’s stolen while on vacation or a business trip? The answer may surprise you, as it did one Mastodon user who graciously shared a tale of a smartphone gaining some serious air miles. Our intrepid business traveller was in London when their phone was snatched from their hand in the street.

Thankfully, they’d taken the precaution of setting up Apple’s Find My service prior to making their trip.

In practical terms, this meant that the phone could be remotely wiped (via Find My) and essentially turned into a paperweight. This has a two fold advantage: Keeping valuable data out of the thief’s hands, and also making the phone considerably less useful to a criminal.

You might think a theft such as this stays local, and that’s what it looked like for a while with the phone coming to a halt a few miles away. I would have assumed the phone would be sold locally or scrapped, but in this story our thief had other ideas in mind. What followed was an attempt to revive the phone via phishing, and a very long flight.

When a theft gets phishy

The thief was not just interested in grabbing the device and selling it on in its bricked form. They wanted to reactivate the device too. This was attempted via a text message sent to the phone owner’s emergency contacts. The text reads as follows:

The site, which spoofed the Find My website, was phishing for an Apple ID login to kickstart the reviving process. I’m sure the thief wouldn’t have objected to whatever data was locked behind that Apple ID too, but we can presume that getting the phone up and running is the primary concern.

Roughly a month after the phone was stolen, the activation lock for the device started pinging home. This is the feature which prevents random people from unlocking a lost or stolen device.

The victim of this crime was surprised to learn that the stolen device had travelled from the UK to Shenzen in China. You may wonder if the Find My service was perhaps malfunctioning and the stolen device was still in London somewhere, but as we’re about to see, this is far from the only example of this happening.

Why do stolen phones end up in China?

Stolen phones ending up in China is, perhaps surprisingly, not uncommon. In fact, searching for this kind of thing brings up a wealth of results (try it!) and they all tend to look something like this:

Phones make their way via “networks of black marketers” to their new owners in cities where phones, and modifications, are extremely cheap. In many cases, the final destination for the stolen iPhone is someone who has no idea a theft took place. Occasionally there’s a heartwarming story and meet up, but mostly it’s just a case of “My phone is gone and now I need to do something about it”.

What to do if your iPhone is stolen

There are some great tips gleaned from personal experience via the above tale, most importantly making sure you turn on Find My. This is the way you’ll be able to remotely scrub that device and make it unusable for the thief. The other great tip is to make sure you have a secondary (and fast!) way to access Find My. If you don’t have an additional device with you, then you may struggle to find a way to get online and remedy the situation. Every second counts. It’s worth noting that you can still take steps to protect your data even if you don’t enable Find My.

Apple provides several tips for what you should do in the event of a theft. Here’s some of the more pressing technical related suggestions:

  1. Lock your phone down. Use the previously mentioned Find My service. Do this in advance of any theft! In your Settings app, tap your name, and then select Find My.

     2. Mark your phone as lost. Doing this via the Find My app disables the Apple Pay service, and locks the device with a passcode like so:

  • Open the Find My app and choose the Devices tab or the Items tab.
  • Select your missing device or item.
  • Scroll down to Mark As Lost or Lost Mode and select Activate or Enable.
  • Follow the onscreen steps if you want your contact information to be displayed on your missing device or item, or if you want to enter a custom message asking the finder of your missing device to contact you.
  • Select Activate.

Erase the device remotely. To do this:

  • Open the Find My app and choose the Devices tab.
  • Select the device you want to erase remotely.
  • Scroll down and choose Erase This Device.
  • Select Erase This [device].

What to do if your Android is stolen

This can be a bit trickier, as there are so many different models out there and often network carriers nudge you towards using their own bespoke tracking solutions. Despite this, the basic Android options should always be available. To enable Android’s find my device service:

  • Open Settings
  • Tap Security > Find My Device.
  • If you can’t see the Security option, tap Security > location or Google > Security.
  • Ensure Find My Device is enabled.
  • Test the service out on the Find my Device site.
  • From the map, you can select the “Lock and Erase” option. Note that it may not erase the contents of an SD card.

Losing your phone, laptop, or other device to a thief is never a pleasant experience but you’re never totally out of options. The trick is to ensure you put some time into setting these solutions in place long before the possibility of a theft happens. Stay safe out there!


We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

ABOUT THE AUTHOR

Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.