Apple users have been warned that the recovery key, a security function introduced by the company in 2020, is being used by scammers to hack into accounts. Recent reports reveal that attackers have learned how to use the function to gain access to accounts carrying sensitive information.
Victims of theft come under attack after having their devices stolen, with criminals using the device’s usual PIN code to change the password of the user’s Apple ID profile, before activating the recovery key function. The recovery key is a 28-symbolic code that can be used by the owner to prevent unauthorized access to their Apple ID password. However, in practice, few people use this facility, as the code is easily lost on a lost, damaged or stolen device.
A recent report from the Wall Street Journal features an American named Greg Frask who fell prey to scammers. They stole his iPhone14 Pro from a Chicago bar and spied on the blocking password, which allowed them to change Greg’s device password and then use the recovery key to take possession of his account. All the confidential information contained in his account, including his contacts, messages, and photos, were lost.
The theft and misuse of Apple devices have become common in the USA and other countries. A significant portion of these cases indicates that iPhones are very vulnerable to theft when used in public places.
To prevent your device from falling into the hands of thieves, experts suggest avoiding the use of the access code in front of others. Instead, use a long, unique and complicated password that is difficult for an attacker to spy on and memorize. Setting the recovery key in advance, but writing it on a physical medium, such as a piece of paper, and keeping it in a secure location is also recommended. However, it is essential not to forget where the recovery key is stored.