Criminals are once again targeting iPhone users in order to try and trick them in handing over their Apple ID and password.
The latest scam preys on users who have lost their iPhone or had it stolen.
One unlucky victim has posted online about how he was targeted by cyber criminals after his iPhone was stolen from his car.
After reporting his phone as stolen, Joonas Kiminki immediately logged his phone had been lost using the Find My Phone feature, which informs users if their phone is found.
Joonas later received an email from what he thought was the Find My iPhone service saying that his iPhone had been found.
The email asked him to click on a link and login to his iCloud account in order to find out the location of his missing iPhone.
Joonas admitted he was almost caught out by the scam but at the last moment realised that the link in the email was malicious and actually led him to a website with the URL of http://show-iphone-location.com/, rather than a legimate Apple URL.
Joonas says he thinks the thieves who took his phone may have found his name from Apple’s health app, Medical ID, and used reverse engineering to access his email address, a technique which is being increasingly used by cyber criminals to obtain people’s personal information.
If the thieves had managed to obtained Joonas’ Apple ID and password they could have used it to mark the phone as found, before wiping it clean and either using it themselves or selling it on. They would also have been able to access the payment or card details linked to his account.
Joonas took to blogging site Medium to warn others about the Find My iPhone scam.
“If you ever lose your iPhone, iPad or iPod, be extra alert for upcoming identity theft attempts”, he wrote.
“The scam was so professional with perfect English and mobile responsive web pages that I consider myself lucky not to have given away my password.”
This latest scam follows a number of similar attempts to try and trick users in handing over login details and passwords to their accounts.
Last month, some iPhone users reported being sent a fake invoice which urged them to login to their iCloud account.
However, Apple states on its website that it never asks users to provide personal or sensitive account information via email.