The estimated reading time for this post is 4 minutes
What would you do if you woke up tomorrow morning to find your iPhone was locked with a message that the only way you could unlock it was to pay a $100 ransom? That’s exactly what happened this week to many iPhone owners in Australia and is starting to happen to iPhone owners in the US and UK.
A hacker using the name Oleg Pliss is accessing iPhones and iPads through the Find My iPhone app and locking the devices remotely, demanding payments of $100 to unlock them. Many people are speculating that the hacker has obtained emails and passwords from other accounts and is using the information to access user accounts on Find My iPhone.
Apple has issued the following statement that iCloud has not been compromised:
Apple takes security very seriously and iCloud was not compromised during this incident. Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services. Any users who need additional help can contact AppleCare or visit their local Apple Retail Store.
Many passwords have become exposed recently through the hacking of major websites such as eBay, as well as through the Heartbleed bug. See, Heartbleed – The Internet Security Flaw That Should Command Your Attention Now for more information about Heartbleed.
If you still are using the same passwords for multiple websites now is the time to correct that vulnerability. See, How to Create a Strong Password and Why You Should Do This Now to learn about creating a strong password.
How to Protect Your iPhone from Being Hijacked
To protect yourself from your iPhone being hijacked, you should take the following steps. While there is no 100% guarantee of securing your iPhone, these steps will go a long way towards making your iPhone more safe from hijacking.
Two-Step Verification
You can protect your Apple account by enabling Two-Step Verification. With this feature enabled Apple will send you a special passcode via text message any time you try to log into your Apple account from a new device. You won’t be able to access your Apple account from the new device until you’ve entered the passcode.
To enable Two-Step Verification for your Apple ID, go to the Apple ID page and click My Apple ID. Sign into your account and Go to Password and Security and follow the steps for Two-Step Verification.
When you sign up for Two-Step Verification, Apple will give you a Recovery Key you can use to access your account in case you lose your phone or forget your password.
You can learn more about Two-Step Verification from the Apple Help page.
Change Your Apple ID Password
If your Apple ID password is the same as the one you use for any other account, you should change it right now. Go to the Apple ID page and click My Apple ID. Go to Password and Security and then Change Password.
Apple now has more stringent requirements for passwords:
[important]Remember, make your Apple ID password different from passwords you use for any other accounts.[/important]
Back Up Your iDevices to iTunes on Your Computer
If your iPhone is hijacked, you will need to reset your phone which will wipe all of your data from it. If you’ve previously backed up your iDevices to iTunes on your computer, you’ll be able to recover the backed up data.
Back it up now.
Put a Passcode on Your iPhone
If you don’t have a passcode on your iPhone, now is the time to add one. Go to:
Settings ➛ Passcode ➛ Turn Passcode On
You will be asked to enter a passcode and verify it.
If Your iPhone Is Hijacked
If you are one of the unfortunate ones whose iPhone has been hijacked, the good news is that you can unlock your phone without paying the ransom. The bad news is that you may lose the data on your phone. Whatever you do, don’t pay the $100 ransom!
If your phone is passcode protected, enter the passcode and your phone should be unlocked. If your phone isn’t passcode protected, then getting access to your phone becomes much more difficult as the hacker can remotely set a passcode for your device.
You can take your iPhone to an Apple retail store to have your iPhone reset. This will wipe your data from your phone and erase it to factory settings.
If you aren’t able to visit an Apple store, you can follow the steps listed in the Apple forum to reset your device.
Some people in the Apple forum have reported being able to back up their iPhones to iTunes on their computers even though their phone was locked.
Your Thoughts
Have you heard about iPhones being hijacked? Have you reset your Apple ID password and enabled Two-Step Verification? Do you have your iPhone passcode protected? Let us know in the Comments section below!
Hi Carolyn,
This can be pretty scary! Imagine having to pay so many dollars for nothing!
I don’t have an iPhone but a few of my family and known ones do have so I would surely be passing on this information to them so that they can take the required action. It’s certainly better to be aware than to sit and regret later. I never knew someone could even hijack iPhones this way, and if he can do that, then how safe are our phones I wonder.
Thanks for sharing and making us aware. Have a nice weekend 🙂
Hi Harleena, Yes, this is very scary and I hope no one pays the hacker any money at all. We can’t reward hackers for hijacking phones and who knows whether the payment will result in the phone actually being unlocked?
Having your smartphone passcode protected is a very important security measure, even though it makes using the phone a bit more inconvenient. But the more we rely on smartphones the more we need to protect them.
Thank you for sharing this, Harleena. This information is important for iPhone owners to know. An ounce of prevention is certainly worth a pound of cure in this situation!
Carolyn!
It just keeps getting worse. Gotta protect my new phone. Actually on it now on a train and your site looks good on a phone:-)
Where will these hackers go next!
Thanks for the warning
Ashley
Hi Ashley, Yes, while you’re enjoying your train ride be sure to add passcode protection to your phone. Prevention of hijacking is much easier than trying to unlock your phone that has been hacked.
You’re absolutely right. With each report of hacking we realize that we have to be even more diligent in protecting our tech from hackers. But by staying a step ahead of them we can do our best to thwart them!
Oh my goodness Carolyn, do they ever stop? I wish people like this would be caught and severely punished but I’m afraid that just doesn’t happen.
I hate that anyone has had to deal with this but I’m glad I haven’t had any issues. Mine is password protected.
I appreciate the information though, thank you so much and I’ll be sure to pass this post around as well.
~Adrienne
Hi Adrienne, You’re right, hackers don’t stop, in fact hacking will only get worse which is why we need to take preventative steps to protect our tech. By taking just a little time to add a passcode to your phone you can prevent someone from doing it for you!
I’m glad your phone is already passcode protected, Adrienne. Thanks for sharing so that those who don’t have their phones protected can do so to thwart hackers.
Hello,
Well first of all I’d like to thank you for the wonderful post and I don’t have an iphone may be next time I’d own an iphone but I will bookmark the post for future.
Thanks
Hi Samir, You’re welcome. Even if you have a different type of smartphone, it’s a good idea to protect it with a passcode.
Hi Carolyn,
I haven’t given this much thought other than that I’m using a code to get access to my phone and my passwords are stored in 1password. So, hopefully it’s not that easy to get access to my phone, even though I know that the people who are professional will probably get access to it within a few minutes if they wanted 🙂
I’ve got a backup of all my data in iCloud, this way it won’t be a major crises if something happened to my phone. But, I remember the feeling when my gmail account was hacked, and it’s the worst feeling in the world.
Great tips Carolyn.
-Jens
Hi Jens, I’m glad your phone is passcode protected and backed up to iCloud. This is one case though where backing up your phone to iTunes on your computer is preferable. If your phone is hijacked and the backup is on iCloud, you may not be able to access your phone to reset it. In that case you would need to go to an Apple Store for them to do it.
You’re right, getting hacked is a horrible feeling. I hope this never happens to you, Jens!
No matter how complex your passcode is, your phone is always going to be at high risk if you set the same master password for all sites. Heartbleed really tested our vulnerability. And every now and then, I’d spend time backing up my important data. I won’t have any qualms resetting my phone if it gets hijacked!
Hi Peter, You’re absolutely right, using unique passwords for each account is crucially important as hackers become more bold. That’s great that you back up your data regularly. By taking these steps you are providing many lines of defense to thwart hackers. Well done.
Yes teacher; I’ll make the changes now….
A+ for you, Bill! And every day your iPhone isn’t hijacked you can be happy you followed the steps in this article. 😉
2 step verification is really important to make sure our iphone can’t be hijacked or whatever. I’m really thankful that you’ve shared really informative tips.
I wonder if this can happens with Android also? Any idea? I think in case of android our Gmail ID is everything to hijack it.
Informative post 🙂
Hey Carolyn,
I’m an Aussie and this is the first time I’ve heard about iPhones being hijacked that way. Did a quick search and found an article on the Sydney Morning Herald. Man, I must have been sleeping when that news came on.
Anyway, that was May 27th. An update on May 29th says that it has now hit the States so your post is very timely. I think I’ll take your suggestion and do that two step verification thingy.
Hi Carolyn,
My gosh…these hackers just never stop! I do have an Iphone, have a strong password on it plus a strong password on my apple account. Lately I’ve been changing passwords on just about everything once a month. Sound crazy hugh? But that’s all I can think of doing.
So far so good for me and my Iphone. I had no idea this was happening. Seems like everything we do these days, there’s a hacker right up our backs. No matter how careful we are, there is always a chance for someone to “break in.”
Thanks for the information, time to change passwords again!
-Donna
Hi Donna, You’re right, hackers won’t go away so the only thing we can do is try to stay a step ahead of them. That’s great you’re changing your passwords so often, Donna. I hope the hackers stay far away from you!