Your IPhone Is Still Vulnerable When It’s Locked

Posted on by

In many ways, it’s great that we can do almost everything we need to do on our smartphones. However, this convenience creates a single point of failure, which can lead to big losses if something goes wrong. Case in point: Reddit user Whippity, who recently had his iPhone and credit card stolen . The thieves used the stolen card to purchase over $9,000 worth of goods, approving the transaction from the victim’s own iPhone. Fortunately, the cardholder was able to cancel these payments, but not everyone can be so lucky. The best approach is to avoid situations like this in the first place.

How did the theft take place?

According to u/Whippity, the thieves broke into their car and stole their iPhone 13 Pro and the included MagSafe wallet, which contained their ID and credit card. Their next stop was the Apple Store, where they made a large purchase using a credit card. Redditor claims they received a text message from a credit card to confirm the transaction, but the thieves were able to respond to the text even though the iPhone was locked.

It sounds like it’s not possible, but it could be if you have the wrong setting enabled. By default, iOS doesn’t let you reply to messages when your iPhone is locked, but it’s possible if you’re set to preview messages when it’s locked. This is handy, of course, as you don’t have to unlock your iPhone every time you need to reply to a single text message. However, this is a poor choice from a security point of view.

The redditor probably enabled this setting, which allowed thieves to reply to any message without having a phone password. Once AMEX sent a text to confirm the $9,000 purchase, they just had to respond with a single character — 1 — to confirm the transaction. The credit card company was able to drop the charges, and luckily for the Reddit user, they purchased AppleCare+ with theft and loss coverage. They were also able to get a brand new iPhone without too much hassle.

How to Disable Text Replies When Your iPhone is Locked

While this story has a happy ending, you should take the time to check the security settings on your iPhone. Toggling multiple software switches ensures that your iPhone cannot be easily used for fraud.

To get started, make sure your message previews only show up when your iPhone is unlocked. You’ll find this in Settings > Messages > Notifications > Show Previews . Just in case, make sure all notification previews are configured the same way in Settings > Notifications > Show Previews .

You should also take the time to review other actions available by default on a locked iPhone. Start by going to Settings > Face ID & Passcode , then enter your passcode. Scroll down and go to the “Allow Access When Locked” section. Ideally, you should consider disabling the following:

  • Reply with a message (offers the option to reply to a missed call with a message)
  • Answer missed calls
  • Wallet
  • Notification Center
  • Home control
  • Siri

You can also go to Settings > Siri & Search and turn off Allow Siri When Locked , just to be on the safe side.

More…

0
Apple

Leave a Reply