How to be mean to some people that stole my phone [on hold]












22














My iPhone was stolen a couple of weeks ago and I started receiving the following messages on my recovery secondary number that I provided with Find My iPhone:



enter image description here



The URLs are:




  • https://apple.inc-view.us/?auth=3455

  • https://apple.inc-locate.us/verify.php?ID=&auth=325&vr=


And they mimic the interface of Find My iPhone where they're asking me for my Apple ID credentials. I logged into Apple ID and the phone hasn't registered since it was stolen.



Wondering if there's something I can do to track them down or be mean to them.










Tags: spoofing, identity-theft

asked 2 days ago by Evelin Velev (new contributor); edited 2 days ago by Ahmed Abdelhameed











put on hold as off-topic by Xander, forest, Steffen Ullrich, Dmitry Grigoryev, Matthew yesterday


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "This question does not appear to be about Information security within the scope defined in the help center." – Xander, forest, Steffen Ullrich, Dmitry Grigoryev, Matthew

If this question can be reworded to fit the rules in the help center, please edit the question.









  • 5




    I’m curious how they would have got this number unless you’ve been the victim of a very targeted attack (i.e. iCloud account hacked and your phone stolen).
    – Darren
    yesterday










  • So the thieves are sending you these spoofed messages to phish for your credentials?
    – henning
    yesterday
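
Both links in the question put "apple" in a subdomain label, while the registrable domain is inc-view.us or inc-locate.us. The following is an added example, not part of the original post or its answers: a check that parses a link from such a message (without fetching it) and compares its registrable domain to an allowlist. The allowlist, the brand tokens and the short suffix table are assumptions; a production check would use the full Public Suffix List.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: the domains the brand really uses for sign-in and device location.
OFFICIAL_DOMAINS = {"apple.com", "icloud.com"}
# Assumption: brand words a lure is likely to display. Substring matching
# over-flags (e.g. "pineapple"), which is acceptable for a triage heuristic.
BRAND_TOKENS = ("apple", "icloud")
# Constructed stand-in for the Public Suffix List: only multi-label
# suffixes are listed; any other final label is treated as the suffix.
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}


def registrable_domain(host):
    """Return the public suffix plus the one label to its left."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) < 2:
        return ".".join(labels)
    suffix_len = 2 if ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES else 1
    return ".".join(labels[-(suffix_len + 1):])


def assess_link(url):
    """Classify a link found in a message that claims to come from the brand.

    The URL is only parsed, never fetched.
    """
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower().rstrip(".")
    result = {"host": host, "registrable": "", "verdict": "unparseable", "findings": []}
    findings = result["findings"]
    if not host:
        findings.append("no host in URL")
        return result
    try:
        ipaddress.ip_address(host)
    except ValueError:
        pass
    else:
        result["verdict"] = "suspicious"
        findings.append("raw IP address instead of a domain name")
        return result

    reg = registrable_domain(host)
    result["registrable"] = reg
    if parts.username is not None:
        findings.append("text before '@' is userinfo, not the host")
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode label, may render as look-alike characters")

    if reg in OFFICIAL_DOMAINS:
        if parts.scheme != "https":
            findings.append("official domain but not https")
        result["verdict"] = "suspicious" if findings else "official"
        return result

    # Everything left of the registrable domain is chosen freely by its owner.
    subdomain = host[: len(host) - len(reg)].rstrip(".")
    if any(tok in subdomain for tok in BRAND_TOKENS):
        findings.append("brand name is only a subdomain label of " + reg)
    if any(tok in reg for tok in BRAND_TOKENS):
        findings.append("brand name embedded in unrelated domain " + reg)
    if any("brand name" in f for f in findings):
        result["verdict"] = "lookalike"
    elif findings:
        result["verdict"] = "suspicious"
    else:
        result["verdict"] = "unrelated"
    return result


SAMPLE_LINKS = [
    "https://apple.inc-view.us/?auth=3455",                     # from the question
    "https://apple.inc-locate.us/verify.php?ID=&auth=325&vr=",  # from the question
    "https://www.icloud.com/find",                              # constructed
    "https://apple.com.example.co.uk/login",                    # constructed
    "https://apple.com@login.example/",                         # constructed
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        r = assess_link(link)
        print(f"{r['verdict']:<11} {r['registrable']:<16} {'; '.join(r['findings'])}")
```
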


























6 Answers


















48














Offensive defense is the type of attack you are looking to perform. You have been the victim of a technological crime, you are the target of a phishing campaign, and you want to get even. This is a very normal response and I can tell you that many organizations, governments, and individuals attempt this on their own daily. There is a major issue with any type of non-legal recourse, however.



Due to the anonymity of the internet, and the relative ease of using a botnet to do malicious activity, it can be really difficult to assure that you only hurt the people you intend to hurt. In attacking an individual through a network relay, you may end up shutting down your own grandmother's computer, which is less than ideal and totally irrelevant to the initial attackers. The only truly legal recourse is to co-ordinate with your local authorities and attempt to gain information back on the attackers.

If you can glean any information from your cowardly attackers that may indicate name or location, you can use this to work with the authorities. Also, if the phone is on, you can still attempt to use the "Find My Phone" feature to track down its current location alongside the proper authorities (I do not recommend confronting thieves on your own or without legal support).

In the end, it really sucks that you're in this position and I have compassion for you. Know that your options are limited, but do take advantage of the ones you can so you have the peace of mind knowing you did all you could legally do. That will be far better than putting yourself in the position of risking jail time over a device.






answered 2 days ago by Connor Peoples (new contributor)














  • 15




    There are a few cases where hacking back is actually practical and profitable. This just isn't one of them.
    – Tom
    2 days ago






  • 1




    On top of causing unintended collateral damage, there's also the risk of OP getting in legal hot water themselves for computer-related crimes. Not to mention the possibility of exposing themselves to the attackers even more (and giving them incentive to follow up) by revealing other devices / IPs they own.
    – Steve-O
    yesterday



















27














I've just checked on Whois.us. Both domains are registered to the same person, with a stated address in London.



Try talking to the internet fraud team from your local police. Chances are they're overworked, but if they've got some free time then they may be able to go to TLDsolutions.com and trace the payments. For most countries this would be a dead loss, but US ISPs have to keep records and play nicely with police requests. So they may have screwed up by using a .us domain.






answered 2 days ago by Graham





















  • lazy thieves making this too easy....
    – sudo rm -rf slash
    yesterday






  • 1




    @Graham the fact the domain name ends in .us doesn't mean it has anything to do with the USA? Anyone can register any domain they want and locate the server anywhere they want in the world
    – user1
    yesterday






  • 9




    @user1 Sure, but the provider who registered the domain is based in the US. Regardless of where the criminal's server is located, at some point they've had to pay a provider in the US to get that domain name. Which means there's a money trail from the criminal to the provider, and a provider in the US will honour requests from the police. Of course there are ways around that money trail - prepaid disposable credit cards are a thing, for example - but it's worth checking.
    – Graham
    yesterday












  • ahh that makes perfect sense. Thanks for clarifying
    – user1
    yesterday






  • 2




    The attackers might have assumed that their details were protected by WHOISguard (which is enabled for free on all domains registered on Namecheap (and other registrars)) but the .us TLD is actually not eligible for WHOISguard, for whatever reason.
    – rahuldottech
    yesterday





















16














Call the police and sue them in court! That will show them you can be mean. Moreover, it will be legal and you will stay out of trouble.























  • 30




    Sue who? He doesn't know who they are and the fake "Find my phone" messages won't help. He could try to get the phone location records from the phone company based on cell tower hits, but even if he finds the general location of the phone, he still has to find out who has it. He can call the police, but in my experience, there's little chance of getting them to investigate a single stolen phone.
    – Johnny
    2 days ago






  • 5




    It's probably worth mentioning that the original question doesn't specify that the alerts are fake. At first glance this isn't obvious.
    – Tom W
    yesterday



















13














The attackers are skilled enough to not enable the phone and to set up a fake Find My iPhone site. This clearly shows they understand fairly well how the iPhone's security features work and are trying to trick you into revealing the credentials that will let them get around those.



Unless you are highly skilled yourself, they probably have the upper hand in this. The fact that they reach out to you like that shows they are willing to take a (small) risk to get your credentials, so your best bet is to not give them what they want. It is unlikely that you will find a trick that they didn't anticipate, and more likely that in trying you would give them information they can use.



You should get the IMEI blacklisted, if you haven't yet. This is the best effort to make the phone useless for the thieves. With any luck, they'll ditch it somewhere, someone else finds it and turns it on, and it will show up on Find My iPhone.























  • 5




    If you get the IMEI blacklisted, couldn't that prevent it from connecting to the internet and therefore prevent it from connecting to the Find My iPhone service?
    – Nonny Moose
    2 days ago










  • It won't work on wireless, but unless I am mistaken, it should work on a Wifi and report in.
    – Tom
    yesterday










  • @Tom Don't you have to have access to the phone to connect it to a WiFi network? At least where I'm from, widely available open WiFi services that grant internet access without user interaction are not a thing. So the phone would very likely not find anything to connect to.
    – Alexander Kosubek
    yesterday












  • That could be true. I think you can connect to wifi from the swipe-upwards screen, but I'm not sure if it allows you to connect to a new network.
    – Tom
    yesterday



















2














This message is coming from an 'abundance of caution' so that you understand that you may be engaging in something that may be dangerous (organized / violent criminals). The other postings indicate that the messages are from reasonably sophisticated thieves that are fishing for your info.



Escalating ("being mean") is potentially dangerous unless you are sure you understand who 1) stole and 2) has custody of your phone. There is a non-zero chance that they know who you are, since it is your phone. The phone may have been transferred to dangerous criminals. If you know someone at GCHQ, maybe they could take it on as a pet project.



It is understandable that you would like to get your phone back and even a little karma payback: your safer bet is to work with the authorities: just make it easy for the authority to catch the thief.





































    0














    Something you could do is to pretend to give them what they want. Go to their site and enter some fake credentials. They might grab those and try them on your phone or on a computer, which might reveal some information about them, like time and IP address of a failed login attempt, maybe even location of the device.

    Just be extra careful (isolated browser (in a virtual machine), plug-ins disabled, security settings to maximum, antivirus on-access scan enabled, ...) when visiting their site to not fall victim to other malware they may be trying to push to you. (Not very nice, but you could use an internet cafe's computer for that. In the worst case, this computer gets infected, but since there's no personal data on it, it's not a very big deal to just scrub it and put a fresh image on it, which they might do routinely anyway.)





























    • Or use a text-only browser
      – Kelly S. French
      yesterday


















    6 Answers
    6






    active

    oldest

    votes








    6 Answers
    6






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    48














    Offensive defense is the type of attack you are looking to perform. You have been the victim of a technological crime, you are the target of a phishing campaign, and you want to get even. This is a very normal response and I can tell you that many organizations, governments, and individuals attempt this on their own daily. There is a major issue with any type of non-legal recourse, however.



    Due to the anonymity of the internet, and the relative ease of using a botnet to do malicious activity, it can be really difficult to assure that you only hurt the people you intend to hurt. In attacking an individual through a network relay, you may end up shutting down your own grand mother's computer which is less than ideal and totally irrelevant to the initial attackers. The only truly legal recourse is to co-ordinate with your local authorities and attempt to gain information back on the attackers.



    If you can glean any information from your cowardly attackers that may indicate name or location you can use this to work with the authorities. Also, if the phone is on, you can still attempt to use the "Find My Phone" feature to track down it's current location alongside the proper authorities (I do not recommend confronting thieves on your own or without legal support).



    In the end, it really sucks that you're in this position and I have compassion for you. Know that your options are limited, but do take advantage of the ones you can so you have the peace of mind knowing you did all you could legally do. That will be far better than putting your self in the position of risking jail time over a device.






    share|improve this answer








    New contributor




    Connor Peoples is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.














    • 15




      There are a few cases where hacking back is actually practical and profitable. This just isn't one of them.
      – Tom
      2 days ago






    • 1




      On top of causing unintended collateral damage, there's also the risk of OP getting in legal hot water themselves for computer-related crimes. Not to mention the possibility of exposing themselves to the attackers even more (and giving them incentive to follow up) by revealing other devices / IPs they own.
      – Steve-O
      yesterday
















    48














    Offensive defense is the type of attack you are looking to perform. You have been the victim of a technological crime, you are the target of a phishing campaign, and you want to get even. This is a very normal response and I can tell you that many organizations, governments, and individuals attempt this on their own daily. There is a major issue with any type of non-legal recourse, however.



    Due to the anonymity of the internet, and the relative ease of using a botnet to do malicious activity, it can be really difficult to assure that you only hurt the people you intend to hurt. In attacking an individual through a network relay, you may end up shutting down your own grand mother's computer which is less than ideal and totally irrelevant to the initial attackers. The only truly legal recourse is to co-ordinate with your local authorities and attempt to gain information back on the attackers.



    If you can glean any information from your cowardly attackers that may indicate name or location you can use this to work with the authorities. Also, if the phone is on, you can still attempt to use the "Find My Phone" feature to track down it's current location alongside the proper authorities (I do not recommend confronting thieves on your own or without legal support).



    In the end, it really sucks that you're in this position and I have compassion for you. Know that your options are limited, but do take advantage of the ones you can so you have the peace of mind knowing you did all you could legally do. That will be far better than putting your self in the position of risking jail time over a device.






    share|improve this answer








    New contributor




    Connor Peoples is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.














    • 15




      There are a few cases where hacking back is actually practical and profitable. This just isn't one of them.
      – Tom
      2 days ago






    • 1




      On top of causing unintended collateral damage, there's also the risk of OP getting in legal hot water themselves for computer-related crimes. Not to mention the possibility of exposing themselves to the attackers even more (and giving them incentive to follow up) by revealing other devices / IPs they own.
      – Steve-O
      yesterday














    48












    48








    48






    Offensive defense is the type of attack you are looking to perform. You have been the victim of a technological crime, you are the target of a phishing campaign, and you want to get even. This is a very normal response and I can tell you that many organizations, governments, and individuals attempt this on their own daily. There is a major issue with any type of non-legal recourse, however.



    Due to the anonymity of the internet, and the relative ease of using a botnet to do malicious activity, it can be really difficult to assure that you only hurt the people you intend to hurt. In attacking an individual through a network relay, you may end up shutting down your own grand mother's computer which is less than ideal and totally irrelevant to the initial attackers. The only truly legal recourse is to co-ordinate with your local authorities and attempt to gain information back on the attackers.



    If you can glean any information from your cowardly attackers that may indicate name or location you can use this to work with the authorities. Also, if the phone is on, you can still attempt to use the "Find My Phone" feature to track down it's current location alongside the proper authorities (I do not recommend confronting thieves on your own or without legal support).



    In the end, it really sucks that you're in this position and I have compassion for you. Know that your options are limited, but do take advantage of the ones you can so you have the peace of mind knowing you did all you could legally do. That will be far better than putting your self in the position of risking jail time over a device.






    share|improve this answer








    New contributor




    Connor Peoples is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.









    Offensive defense is the type of attack you are looking to perform. You have been the victim of a technological crime, you are the target of a phishing campaign, and you want to get even. This is a very normal response and I can tell you that many organizations, governments, and individuals attempt this on their own daily. There is a major issue with any type of non-legal recourse, however.



    Due to the anonymity of the internet, and the relative ease of using a botnet to do malicious activity, it can be really difficult to assure that you only hurt the people you intend to hurt. In attacking an individual through a network relay, you may end up shutting down your own grand mother's computer which is less than ideal and totally irrelevant to the initial attackers. The only truly legal recourse is to co-ordinate with your local authorities and attempt to gain information back on the attackers.



    If you can glean any information from your cowardly attackers that may indicate name or location you can use this to work with the authorities. Also, if the phone is on, you can still attempt to use the "Find My Phone" feature to track down it's current location alongside the proper authorities (I do not recommend confronting thieves on your own or without legal support).



    In the end, it really sucks that you're in this position and I have compassion for you. Know that your options are limited, but do take advantage of the ones you can so you have the peace of mind knowing you did all you could legally do. That will be far better than putting your self in the position of risking jail time over a device.







    share|improve this answer








    New contributor




    Connor Peoples is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.









    share|improve this answer



    share|improve this answer






    New contributor




    Connor Peoples is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.









    answered 2 days ago









    Connor PeoplesConnor Peoples

    721112




    721112




    New contributor




    Connor Peoples is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.





    New contributor





    Connor Peoples is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.






    Connor Peoples is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.








    • 15




      There are a few cases where hacking back is actually practical and profitable. This just isn't one of them.
      – Tom
      2 days ago






    • 1




      On top of causing unintended collateral damage, there's also the risk of OP getting in legal hot water themselves for computer-related crimes. Not to mention the possibility of exposing themselves to the attackers even more (and giving them incentive to follow up) by revealing other devices / IPs they own.
      – Steve-O
      yesterday














    • 15




      There are a few cases where hacking back is actually practical and profitable. This just isn't one of them.
      – Tom
      2 days ago






    • 1




      On top of causing unintended collateral damage, there's also the risk of OP getting in legal hot water themselves for computer-related crimes. Not to mention the possibility of exposing themselves to the attackers even more (and giving them incentive to follow up) by revealing other devices / IPs they own.
      – Steve-O
      yesterday








    15




    15




    There are a few cases where hacking back is actually practical and profitable. This just isn't one of them.
    – Tom
    2 days ago




    There are a few cases where hacking back is actually practical and profitable. This just isn't one of them.
    – Tom
    2 days ago




    1




    1




    On top of causing unintended collateral damage, there's also the risk of OP getting in legal hot water themselves for computer-related crimes. Not to mention the possibility of exposing themselves to the attackers even more (and giving them incentive to follow up) by revealing other devices / IPs they own.
    – Steve-O
    yesterday




    On top of causing unintended collateral damage, there's also the risk of OP getting in legal hot water themselves for computer-related crimes. Not to mention the possibility of exposing themselves to the attackers even more (and giving them incentive to follow up) by revealing other devices / IPs they own.
    – Steve-O
    yesterday













    27














    I've just checked on Whois.us. Both domains are registered to the same person, with a stated address in London.



    Try talking to the internet fraud team from your local police. Chances are they're overworked, but if they've got some free time then they may be able to go to TLDsolutions.com and trace the payments. For most countries this would be a dead loss, but US ISPs have to keep records and play nicely with police requests. So they may have screwed up by using a .us domain.






    share|improve this answer





















    • lazy thieves making this too easy....
      – sudo rm -rf slash
      yesterday






    • 1




      @Graham the fact the domain name ends in .us doesn't mean it has anything to do with the USA? Anyone can register any domain they want and locate the server anywhere they want in the world
      – user1
      yesterday






    • 9




      @user1 Sure, but the provider who registered the domain is based in the US. Regardless of where the criminal's server is located, at some point they've had to pay a provider in the US to get that domain name. Which means there's a money trail from the criminal to the provider, and a provider in the US will honour requests from the police. Of course there are ways around that money trail - prepaid disposable credit cards are a thing, for example - but it's worth checking.
      – Graham
      yesterday












    • ahh that makes perfect sense. Thanks for clarifying
      – user1
      yesterday






    • 2




      The attackers might have assumed that their details were protected by WHOISguard (which is enabled for free on all domains registered on namecheap (and other registrars)) but the .us TLD is actually not eligible for whiosguard, for whatever reason.
      – rahuldottech
      yesterday


















    27














    I've just checked on Whois.us. Both domains are registered to the same person, with a stated address in London.



    Try talking to the internet fraud team from your local police. Chances are they're overworked, but if they've got some free time then they may be able to go to TLDsolutions.com and trace the payments. For most countries this would be a dead loss, but US ISPs have to keep records and play nicely with police requests. So they may have screwed up by using a .us domain.
















    answered 2 days ago by Graham












    • lazy thieves making this too easy....
      – sudo rm -rf slash
      yesterday

    • 1
      @Graham the fact the domain name ends in .us doesn't mean it has anything to do with the USA? Anyone can register any domain they want and locate the server anywhere they want in the world
      – user1
      yesterday

    • 9
      @user1 Sure, but the provider who registered the domain is based in the US. Regardless of where the criminal's server is located, at some point they've had to pay a provider in the US to get that domain name. Which means there's a money trail from the criminal to the provider, and a provider in the US will honour requests from the police. Of course there are ways around that money trail - prepaid disposable credit cards are a thing, for example - but it's worth checking.
      – Graham
      yesterday

    • ahh that makes perfect sense. Thanks for clarifying
      – user1
      yesterday

    • 2
      The attackers might have assumed that their details were protected by WHOISguard (which is enabled for free on all domains registered on Namecheap (and other registrars)) but the .us TLD is actually not eligible for WHOISguard, for whatever reason.
      – rahuldottech
      yesterday

































    16














    Call the police and sue them in court! That will show them you can be mean. Moreover, it will be legal and you will stay out of trouble.
















    answered 2 days ago by A. Hersean








    • 30
      Sue who? He doesn't know who they are and the fake "Find my phone" messages won't help. He could try to get the phone location records from the phone company based on cell tower hits, but even if he finds the general location of the phone, he still has to find out who has it. He can call the police, but in my experience, there's little chance of getting them to investigate a single stolen phone.
      – Johnny
      2 days ago

    • 5
      It's probably worth mentioning that the original question doesn't specify that the alerts are fake. At first glance this isn't obvious.
      – Tom W
      yesterday

























    13














    The attackers are skilled enough to not enable the phone and to set up a fake Find My iPhone site. This clearly shows they understand fairly well how the iPhone's security features work and are trying to trick you into revealing the credentials that will let them get around those.



    Unless you are highly skilled yourself, they probably have the upper hand in this. The fact that they reach out to you like that shows they are willing to take a (small) risk to get your credentials, so your best bet is to not give them what they want. It is unlikely that you will find a trick that they didn't anticipate, and more likely that in trying you would give them information they can use.



    You should get the IMEI blacklisted, if you haven't yet. This is the best effort to make the phone useless for the thieves. With any luck, they'll ditch it somewhere, someone else finds it and turns it on, and it will show up on Find My iPhone.
















    answered 2 days ago by Tom








    • 5
      If you get the IMEI blacklisted, couldn't that prevent it from connecting to the internet and therefore prevent it from connecting to the Find My iPhone service?
      – Nonny Moose
      2 days ago

    • It won't work on wireless, but unless I am mistaken, it should work on a Wifi and report in.
      – Tom
      yesterday

    • @Tom Don't you have to have access to the phone to connect it to a WiFi network? At least where I'm from, widely available open WiFi services that grant internet access without user interaction are not a thing. So the phone would very likely not find anything to connect to.
      – Alexander Kosubek
      yesterday

    • That could be true. I think you can connect to wifi from the swipe-upwards screen, but I'm not sure if it allows you to connect to a new network.
      – Tom
      yesterday

























    2














    This message is coming from an 'abundance of caution' so that you understand that you may be engaging in something that may be dangerous (organized / violent criminals). The other postings indicate that the messages are from reasonably sophisticated thieves that are fishing for your info.



    Escalating ("being mean") is potentially dangerous unless you are sure you understand who 1) stole and 2) has custody of your phone. There is a non-zero chance that they know who you are, since it is your phone. The phone may have been transferred to dangerous criminals. If you know someone at GCHQ, maybe they could take it on as a pet project.



    It is understandable that you would like to get your phone back and even a little karma payback: your safer bet is to work with the authorities: just make it easy for the authority to catch the thief.














    edited yesterday, answered yesterday by gatorback























            0














            Something you could do is to pretend to give them what they want. Go to their site and enter some fake credentials. They might grab those and try them on your phone or on a computer, which might reveal some information about them, like time and IP address of a failed login attempt, maybe even location of the device.

            Just be extra careful (isolated browser (in a virtual machine), plug-ins disabled, security settings to maximum, antivirus on-access scan enabled,...) when visiting their site to not fall victim to other malware they may be trying to push to you. (Not very nice, but you could use an internet cafe's computer for that. In the worst case, this computer gets infected, but since there's no personal data on it it's not a very big deal to just scrub it and put a fresh image on it; which they might do routinely anyway.)














            edited 17 hours ago, answered yesterday by JimmyB












            • Or use a text-only browser
              – Kelly S. French
              yesterday

















