Search in book...
Toggle Font Controls
Create new playlist

Name your new playlist

Playlist description (optional)
Sign In

Email address

Password

Forgot Password?

or

Continue with Facebook

Continue with Google
Sign Up

Full Name

Email address

Confirm Email Address

Password

or

Continue with Facebook

Continue with Google

Cope with a Hack of Your Apple ID Account

It’s no fun when someone manages to hijack your account. That can be especially unnerving with an Apple ID, because of how it’s used widely among Apple’s devices, iCloud services, and purchases.

However, Apple has some built-in safeguards to protect your account. Even if someone obtains your password (when 2FA isn’t enabled), you’ll be notified of many kinds of activities, the hacker may be blocked (even if they have the password), and you should be able to reassert control.

Recognize an Attack in Progress

Be prepared to recognize the signs of an attack before someone manages to hijack your account. Here are some things to look out for:

Apple alerts you when certain changes take place to your Apple ID account information. You’ll be pinged, for example, when a new trusted phone number is added or an app-specific password is generated on the Apple ID website for a 2FA account. If you start seeing messages and you haven’t made the changes or requests, something’s afoot.
You receive emails to an iCloud address that appear to relate to actions you’re taking at other sites, but that you haven’t done.
Your email or other iCloud services stop working on any device or in any program.
You start to receive two-factor alerts about logins that you didn’t initiate.
The phone company that manages your iPhone’s account calls or texts or emails you with a change in service you didn’t initiate.
You receive text messages, like authentication codes for non-Apple services, that you didn’t request.
One of your devices was put into Lost Mode or locked, which can only be accomplished using the Find My service.
You start seeing charges on cards you own via apps that alert you to charges or email warnings, or you receive a call from a credit card company about suspicious charges.

Tell the Difference Between a Hack and Phishing

It’s critical to tell the difference between emails coming from an attack in progress and phishing, where people attempt to fool you into providing your login information or financial details.

With phishing, an email message, a text message, or even a phone call originates from dubious sources. Look at the actual return address or Caller ID-provided number. Links are suspicious if, for example, they don’t lead to a company’s main site. For example, a link to Apple leads to something like apple.euiw098sf08.90809808adsf8a0d.net instead of to apple.com.

You can also usually tell something’s off when the message includes misspellings, weird logos, odd grammar, or strange requests you’d never expect of the sending company or service.

In a hijack, you’ll receive emails that typically alert you of a problem without providing a link, because real companies know that a link may have you thinking that the email is a phishing attack!

If any of the above are true, it’s time to take immediate action to see if you can stop a hacking from gaining control.

Stop an Attack in Progress

You may be able to stop an attack in progress. However, if you can’t follow the steps in the first section below, I advise in the second section how to disable your account with Apple’s help.

Try to Halt the Attack

If you believe someone is trying to gain access to your Apple ID account or may have already have gained access, take action:

Take all your devices off the network. Use Airplane Mode on iOS or iPadOS devices and turn off Wi-Fi or unplug Ethernet on Macs.
Log in to the Apple ID website, click Sign-In and Security at left, and then click Password from another computer or device. If you cannot log in, see below. Type in the address https://appleid.apple.com or follow this link to avoid phishing attacks (see Tell the Difference Between a Hack and Phishing).
If you don’t have two-factor authentication enabled, follow the instructions in Enable Apple’s 2FA to turn it on after you change your password.
If you’ve already enabled 2FA, revoke all your app-specific passwords (see Use App-Specific Passwords). Create new ones as you need them.
Log in to your cellular account or call your cellular carrier and ensure that no changes have been made to your phone account recently.
If you use an email provider other than iCloud, log in to your account using your provider’s web interface and confirm that nothing has been modified there. (Enable 2FA while there, if you haven’t already.)

If You Can’t Log In to Stop the Attack

If Apple doesn’t let you log in with your Apple ID in any of the usual places, including the Apple ID website, it can mean one of two things: Either someone has hijacked your account, or Apple has disabled your account temporarily because of attempts to hijack it. (You should have received an email message or some other sort of message from Apple if your account was disabled.)

If your account is locked, you can follow Apple’s steps to unlock it. I detail these in Deal with a Locked Account.

Failing that, contact Apple. You will need to provide proof of identity—Apple has to resist being phished as well! But the support staff can lock your account and help you regain access.

Deal with an Account Lost Forever

This book doesn’t have a therapy license, so I can only pat you on the back and say “there, there.” Joking aside, you may find yourself unable to regain access to an Apple ID.

This could happen if you’ve moved, if an old email address or phone number associated with the account becomes available, or if you enabled the recovery key option described in Recover Access with a Recovery Key and can’t find the key or have no access to a trusted phone number.

It’s also the case if someone hijacks your Apple ID and you can’t provide enough information to Apple to convince them that the account was stolen from you. I’ve gotten letters from people who’ve experienced all these scenarios—and more.

Wondering what the damage will be if you permanently lose access to your Apple ID account? Here’s the list of what you’ll lose:

Any media and app purchases, with the exception of downloaded music from the iTunes Store or via iTunes Match.
Email access to an iCloud account.
iCloud.com and sync access to contacts, calendar entries, notes, and iCloud Drive files that aren’t downloaded.
Photos and videos stored at high resolution with iCloud Photos that weren’t downloaded to an iOS or iPadOS device or a Mac. (A Mac can, by default, download and retain all media at high resolution.)

If this happens to you and you use iCloud email with this Apple ID, it’s critical that you alert your contacts as quickly as possible to tell them you no longer have access to that email address. You also need to remove the address as a backup email account or an account login at every service with which you’ve relied on it. (This is another Public Service Announcement for password managers: The apps let you quickly find everywhere you’ve used an address as an account name.)

Also make sure to sign out from any locations that remain logged in to the account. While this may seem like a bad idea if someone hijacked your account—as you’re retaining some access to the account as long as you’re logged in—they could obtain more information about you, including your contacts, photos, and device locations.

Finally, make a full clone or backup, and then follow the instructions in Migrate from One Apple ID to Another to shut down and move to a new account.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.

Table of Contents for Cope with a Hack of Your Apple ID Account

Create new playlist

Sign In