Attackers have learned to turn Apple’s security features into a weapon of extortion, exploiting the gullibility of smartphone users on dating sites and social networks.
The Russian Interior Ministry has warned citizens about ongoing attacks targeting Apple users through the iCloud cloud service. Cybercriminals are using the iPhone and iPad’s built-in security mechanisms as tools for blackmail.
Here’s how the scam works:
-
Fraudsters target victims on dating platforms, social media, gaming communities, or job search sites. They patiently build trust by posing as potential partners, employers, or people in need of help.
-
At a key moment, the scammer asks for a “small favor” — to log into their iCloud account from the victim’s device. The excuses vary: printing airline tickets, downloading an app blocked in Russia, retrieving data from a supposedly broken phone, or installing a working program.
-
Once they gain access, the criminals immediately activate the Find My iPhone feature and enable Activation Lock. These tools, meant to protect against theft, become a method of extortion. The device gets locked remotely, and a ransom message appears on the screen.
The scammers usually demand around 10,000 rubles to unlock the device. They threaten to permanently block the phone or erase all personal data. They may gain access to photos, contacts, messages, and other sensitive information.
Experts emphasize that the problem doesn’t lie in Apple’s technology, but in social engineering and user carelessness. The protection system functions as designed — but against the user. If a lock is detected, users should immediately disconnect their device from the internet — by switching on airplane mode or turning off Wi-Fi and mobile data. This can stop further remote access.
Next, victims should report the case to their local police, providing evidence such as screenshots of chats, phone numbers of the scammers, and details of any money transfers. To regain access, users must contact Apple Support through iforgot.apple.com. Account recovery can take several days to weeks.
Apple will ask for the bank card linked to the Apple ID, the device’s serial number, a purchase receipt, and a valid ID or passport. The company strictly verifies this information to ensure only the true owner regains access.
Law enforcement strongly advises against paying the ransom — it does not guarantee the device will be unlocked and only encourages more criminal activity. Going through Apple’s official recovery process is the only safe and reliable way to regain control.