November 13, 2025 Criminals are using a new phishing scheme to target people who have lost their iPhones, sending messages that imitate Apple’s device-recovery alerts to steal user credentials.

The scam takes advantage of the information a user displays on a lost iPhone’s lock screen. Attackers copy those details — including the phone model, colour and the contact number provided by the owner — and send a text message or iMessage claiming the device has been located.

The message includes a link to what appears to be an official Apple page. Instead, it leads to a counterfeit login site designed to harvest Apple ID usernames and passwords. Once attackers obtain those credentials, they can attempt to remove the activation lock that prevents a stolen phone from being reused.

The Swiss National Cyber Security Centre says the messages can look convincing, especially when they reference the correct device information. The agency notes that Apple does not send text messages to report a recovered phone and urges users to avoid clicking links in unsolicited notifications.

The advisory recommends enabling Lost Mode through the Find My app, protecting the SIM card with a PIN and ignoring any external login prompts received after reporting a device missing.