iCloud is a weapon in the hands of thieves who unlock stolen iPhones and iPad tablets, taking advantage of the naivety of those who were left without Apple products. After being stolen by thieves, iPhone phones and iPad tablets remain blocked in iCloud and of course the password of an Apple ID is required to unlock the phone and be able to reset it.
Using that email address, thieves send victims emails that appear to be from Apple, but are actually from them, and are used to discover the Apple ID password. Victims are sent links to websites that are supposed to help them unlock their phones and tablets, but in reality, they give thieves the opportunity to do so.
Using this data, thieves unlock iPhone phones and iPad tablets that they then sell, and the groups of thieves are quite well organized in countries such as Great Britain, the USA, India, or Argentina. Tens of thousands of iPhones are stolen annually and unlocked in this way, thieves making millions of dollars from the naivety of the victims.
Unfortunately, the Apple company cannot help users in any way, because they fall prey to their own desire to recover their stolen products. The only method by which these attacks can be stopped is people's refusal to fall into the net of hackers who do them after stealing iPhones and iPad tablets.
"The fraudsters' attack chain is relatively straightforward. They spoof an email or SMS from Apple notifying victims that their device has been found. The eager victim, wanting their phone back, clicks on the link that will compromise their iCloud credentials, which is then reused to unlock the stolen device. The thieves will then subcontract third-party iCloud phishing services to unlock the devices.”
