In June of this year, cases were reported in Spain of stolen iPhones that ended up exposing users' bank account passwords through a technique discovered by criminals. It was initially thought to be an advanced method, but in the end it was much simpler than the police believed. The information came through the newspaper Folha de São Paulo, where it is said that the authorities have finally discovered how the bank account thieves acted.
According to the Folha newspaper, one of the groups of criminals responsible for the theft of Apple cell phones was recently arrested by the São Paulo Police. With this, it was possible to unravel the mystery behind the breaking of the iPhone's security system. One of the criminals even said that he can "unlock all iPhones, from 5 to 11".
iPhones stolen in Spain have bank accounts exposed!
How does hacking happen on iPhones?
According to the account of the criminal who was arrested, the SIM chip is removed from the iPhone and inserted into another Apple cell phone. Then, the thief enters social networking applications such as Facebook and Instagram, and obtains the email used by the person to access, which is often the same as the Apple ID. As you already have access to the person's number, through two-step verification using the SIM chip for verification, the criminal can reset the Apple ID password and access whatever he wants next.
The practice described above also happens on Android phones, as the key to accessing the accounts is to have access to the SIM chip with the victim's number. However, the process can occur in another way, where there is simply no need to steal the device. The criminal is usually an employee of a phone company in this case, where he uses access to the company's system to change the owner's SIM card number to another SIM card (the one he has on hand, of course). From that point, the procedure is the same as described above and you have access to the Play Store and the person's emails.
What to do to avoid?
To prevent this kind of thing from happening, the first thing you should do is disable XNUMX-step verification using phone number (there is other ways to use this type of barrier). Usually the e-mail services used (Example: Outlook, Gmail) have other ways to block unknown access. Then the ideal is always keep the practice of changing the password for something that is hard to figure out (contain numbers, letters and special characters like hashtag, percentage, asterisk) and keep the code written down on a well-kept paper (don't use note taking apps from your cell phone for this).
I hope this case serves as a warning to many and prevents the worst from happening. Share with your friends on social media!
