icloudfound.com

Report: Careful when you loose an iPhone I use Airbnb so people comes to my apartment, I went on vacations for a week, I decided to block my calendar so that I didn’t host anyone because my apartment was going to be alone and when I came back I noticed that my second iPhone was stolen.... Two days later I started receiving several sms messages telling me that my phone was turned on, connected to the internet, located, “changes were made to the phone”, etc... with a link to view the phone on the map. The url was http://appIeconnect.la/56556 Notice that there is an uppercase letter, when you open the site it becomes lower case, the url in reality is http://appieconnect.la/56556 The url they send has a number that identifies you and ONLY works when someone is attacking you. Because the link only works when someone is attacking, note that google chrome, safari and opera didn’t recognize the site as suspicious and didn’t raise an alert because they don’t use SSL. When browsers start raising alerts, they change the url. This is another example: http://icloudfound.com/56556 They are using amazon web services SMS service, so messages are coming from US and (if you don’t live in the US) also from local numbers, many services use that service to send two factor authentication codes, so truecaller and sms filtering apps didn’t recognize the sms or phone numbers as suspicious. Sms messages also are in the language you speak, in my case Spanish, but in that moment I didn’t realize that I have all my devices and services in English and should get the sms in English. The sms number was sent to my personal phone number, not to the number of the SIM card that was on that phone, the sms includes iPhone model, capacity When you open the site you see a PERFECT iCloud site, with proper colors, perfect animations, responsive (works great in phones and desktop browsers), perfect canvas. They ask for a six digit code, I didn’t know what they’re asking for, so I called Apple. I

Report: Careful when you loose an iPhone I use Airbnb so people comes to my apartment, I went on vacations for a week, I decided to block my calendar so that I didn’t host anyone because my apartment was going to be alone and when I came back I noticed that my second iPhone was stolen.... Two days later I started receiving several sms messages telling me that my phone was turned on, connected to the internet, located, “changes were made to the phone”, etc... with a link to view the phone on the map. The url was http://appIeconnect.la/56556 Notice that there is an uppercase letter, when you open the site it becomes lower case, the url in reality is http://appieconnect.la/56556 The url they send has a number that identifies you and ONLY works when someone is attacking you. Because the link only works when someone is attacking, note that google chrome, safari and opera didn’t recognize the site as suspicious and didn’t raise an alert because they don’t use SSL. When browsers start raising alerts, they change the url. This is another example: http://icloudfound.com/56556 They are using amazon web services SMS service, so messages are coming from US and (if you don’t live in the US) also from local numbers, many services use that service to send two factor authentication codes, so truecaller and sms filtering apps didn’t recognize the sms or phone numbers as suspicious. Sms messages also are in the language you speak, in my case Spanish, but in that moment I didn’t realize that I have all my devices and services in English and should get the sms in English. The sms number was sent to my personal phone number, not to the number of the SIM card that was on that phone, the sms includes iPhone model, capacity When you open the site you see a PERFECT iCloud site, with proper colors, perfect animations, responsive (works great in phones and desktop browsers), perfect canvas. They ask for a six digit code, I didn’t know what they’re asking for, so I called Apple. I

Report: Careful when you loose an iPhone I use Airbnb so people comes to my apartment, I went on vacations for a week, I decided to block my calendar so that I didn’t host anyone because my apartment was going to be alone and when I came back I noticed that my second iPhone was stolen.... Two days later I started receiving several sms messages telling me that my phone was turned on, connected to the internet, located, “changes were made to the phone”, etc... with a link to view the phone on the map. The url was http://appIeconnect.la/56556 Notice that there is an uppercase letter, when you open the site it becomes lower case, the url in reality is http://appieconnect.la/56556 The url they send has a number that identifies you and ONLY works when someone is attacking you. Because the link only works when someone is attacking, note that google chrome, safari and opera didn’t recognize the site as suspicious and didn’t raise an alert because they don’t use SSL. When browsers start raising alerts, they change the url. This is another example: http://icloudfound.com/56556 They are using amazon web services SMS service, so messages are coming from US and (if you don’t live in the US) also from local numbers, many services use that service to send two factor authentication codes, so truecaller and sms filtering apps didn’t recognize the sms or phone numbers as suspicious. Sms messages also are in the language you speak, in my case Spanish, but in that moment I didn’t realize that I have all my devices and services in English and should get the sms in English. The sms number was sent to my personal phone number, not to the number of the SIM card that was on that phone, the sms includes iPhone model, capacity When you open the site you see a PERFECT iCloud site, with proper colors, perfect animations, responsive (works great in phones and desktop browsers), perfect canvas. They ask for a six digit code, I didn’t know what they’re asking for, so I called Apple. I

Report: Careful when you loose an iPhone I use Airbnb so people comes to my apartment, I went on vacations for a week, I decided to block my calendar so that I didn’t host anyone because my apartment was going to be alone and when I came back I noticed that my second iPhone was stolen.... Two days later I started receiving several sms messages telling me that my phone was turned on, connected to the internet, located, “changes were made to the phone”, etc... with a link to view the phone on the map. The url was http://appIeconnect.la/56556 Notice that there is an uppercase letter, when you open the site it becomes lower case, the url in reality is http://appieconnect.la/56556 The url they send has a number that identifies you and ONLY works when someone is attacking you. Because the link only works when someone is attacking, note that google chrome, safari and opera didn’t recognize the site as suspicious and didn’t raise an alert because they don’t use SSL. When browsers start raising alerts, they change the url. This is another example: http://icloudfound.com/56556 They are using amazon web services SMS service, so messages are coming from US and (if you don’t live in the US) also from local numbers, many services use that service to send two factor authentication codes, so truecaller and sms filtering apps didn’t recognize the sms or phone numbers as suspicious. Sms messages also are in the language you speak, in my case Spanish, but in that moment I didn’t realize that I have all my devices and services in English and should get the sms in English. The sms number was sent to my personal phone number, not to the number of the SIM card that was on that phone, the sms includes iPhone model, capacity When you open the site you see a PERFECT iCloud site, with proper colors, perfect animations, responsive (works great in phones and desktop browsers), perfect canvas. They ask for a six digit code, I didn’t know what they’re asking for, so I called Apple. I

Report: Careful when you loose an iPhone I use Airbnb so people comes to my apartment, I went on vacations for a week, I decided to block my calendar so that I didn’t host anyone because my apartment was going to be alone and when I came back I noticed that my second iPhone was stolen.... Two days later I started receiving several sms messages telling me that my phone was turned on, connected to the internet, located, “changes were made to the phone”, etc... with a link to view the phone on the map. The url was http://appIeconnect.la/56556 Notice that there is an uppercase letter, when you open the site it becomes lower case, the url in reality is http://appieconnect.la/56556 The url they send has a number that identifies you and ONLY works when someone is attacking you. Because the link only works when someone is attacking, note that google chrome, safari and opera didn’t recognize the site as suspicious and didn’t raise an alert because they don’t use SSL. When browsers start raising alerts, they change the url. This is another example: http://icloudfound.com/56556 They are using amazon web services SMS service, so messages are coming from US and (if you don’t live in the US) also from local numbers, many services use that service to send two factor authentication codes, so truecaller and sms filtering apps didn’t recognize the sms or phone numbers as suspicious. Sms messages also are in the language you speak, in my case Spanish, but in that moment I didn’t realize that I have all my devices and services in English and should get the sms in English. The sms number was sent to my personal phone number, not to the number of the SIM card that was on that phone, the sms includes iPhone model, capacity When you open the site you see a PERFECT iCloud site, with proper colors, perfect animations, responsive (works great in phones and desktop browsers), perfect canvas. They ask for a six digit code, I didn’t know what they’re asking for, so I called Apple. I

Report: Careful when you loose an iPhone I use Airbnb so people comes to my apartment, I went on vacations for a week, I decided to block my calendar so that I didn’t host anyone because my apartment was going to be alone and when I came back I noticed that my second iPhone was stolen.... Two days later I started receiving several sms messages telling me that my phone was turned on, connected to the internet, located, “changes were made to the phone”, etc... with a link to view the phone on the map. The url was http://appIeconnect.la/56556 Notice that there is an uppercase letter, when you open the site it becomes lower case, the url in reality is http://appieconnect.la/56556 The url they send has a number that identifies you and ONLY works when someone is attacking you. Because the link only works when someone is attacking, note that google chrome, safari and opera didn’t recognize the site as suspicious and didn’t raise an alert because they don’t use SSL. When browsers start raising alerts, they change the url. This is another example: http://icloudfound.com/56556 They are using amazon web services SMS service, so messages are coming from US and (if you don’t live in the US) also from local numbers, many services use that service to send two factor authentication codes, so truecaller and sms filtering apps didn’t recognize the sms or phone numbers as suspicious. Sms messages also are in the language you speak, in my case Spanish, but in that moment I didn’t realize that I have all my devices and services in English and should get the sms in English. The sms number was sent to my personal phone number, not to the number of the SIM card that was on that phone, the sms includes iPhone model, capacity When you open the site you see a PERFECT iCloud site, with proper colors, perfect animations, responsive (works great in phones and desktop browsers), perfect canvas. They ask for a six digit code, I didn’t know what they’re asking for, so I called Apple. I

Report: Careful when you loose an iPhone I use Airbnb so people comes to my apartment, I went on vacations for a week, I decided to block my calendar so that I didn’t host anyone because my apartment was going to be alone and when I came back I noticed that my second iPhone was stolen.... Two days later I started receiving several sms messages telling me that my phone was turned on, connected to the internet, located, “changes were made to the phone”, etc... with a link to view the phone on the map. The url was http://appIeconnect.la/56556 Notice that there is an uppercase letter, when you open the site it becomes lower case, the url in reality is http://appieconnect.la/56556 The url they send has a number that identifies you and ONLY works when someone is attacking you. Because the link only works when someone is attacking, note that google chrome, safari and opera didn’t recognize the site as suspicious and didn’t raise an alert because they don’t use SSL. When browsers start raising alerts, they change the url. This is another example: http://icloudfound.com/56556 They are using amazon web services SMS service, so messages are coming from US and (if you don’t live in the US) also from local numbers, many services use that service to send two factor authentication codes, so truecaller and sms filtering apps didn’t recognize the sms or phone numbers as suspicious. Sms messages also are in the language you speak, in my case Spanish, but in that moment I didn’t realize that I have all my devices and services in English and should get the sms in English. The sms number was sent to my personal phone number, not to the number of the SIM card that was on that phone, the sms includes iPhone model, capacity When you open the site you see a PERFECT iCloud site, with proper colors, perfect animations, responsive (works great in phones and desktop browsers), perfect canvas. They ask for a six digit code, I didn’t know what they’re asking for, so I called Apple. I

Report: Careful when you loose an iPhone I use Airbnb so people comes to my apartment, I went on vacations for a week, I decided to block my calendar so that I didn’t host anyone because my apartment was going to be alone and when I came back I noticed that my second iPhone was stolen.... Two days later I started receiving several sms messages telling me that my phone was turned on, connected to the internet, located, “changes were made to the phone”, etc... with a link to view the phone on the map. The url was http://appIeconnect.la/56556 Notice that there is an uppercase letter, when you open the site it becomes lower case, the url in reality is http://appieconnect.la/56556 The url they send has a number that identifies you and ONLY works when someone is attacking you. Because the link only works when someone is attacking, note that google chrome, safari and opera didn’t recognize the site as suspicious and didn’t raise an alert because they don’t use SSL. When browsers start raising alerts, they change the url. This is another example: http://icloudfound.com/56556 They are using amazon web services SMS service, so messages are coming from US and (if you don’t live in the US) also from local numbers, many services use that service to send two factor authentication codes, so truecaller and sms filtering apps didn’t recognize the sms or phone numbers as suspicious. Sms messages also are in the language you speak, in my case Spanish, but in that moment I didn’t realize that I have all my devices and services in English and should get the sms in English. The sms number was sent to my personal phone number, not to the number of the SIM card that was on that phone, the sms includes iPhone model, capacity When you open the site you see a PERFECT iCloud site, with proper colors, perfect animations, responsive (works great in phones and desktop browsers), perfect canvas. They ask for a six digit code, I didn’t know what they’re asking for, so I called Apple. I

Report: Careful when you loose an iPhone I use Airbnb so people comes to my apartment, I went on vacations for a week, I decided to block my calendar so that I didn’t host anyone because my apartment was going to be alone and when I came back I noticed that my second iPhone was stolen.... Two days later I started receiving several sms messages telling me that my phone was turned on, connected to the internet, located, “changes were made to the phone”, etc... with a link to view the phone on the map. The url was http://appIeconnect.la/56556 Notice that there is an uppercase letter, when you open the site it becomes lower case, the url in reality is http://appieconnect.la/56556 The url they send has a number that identifies you and ONLY works when someone is attacking you. Because the link only works when someone is attacking, note that google chrome, safari and opera didn’t recognize the site as suspicious and didn’t raise an alert because they don’t use SSL. When browsers start raising alerts, they change the url. This is another example: http://icloudfound.com/56556 They are using amazon web services SMS service, so messages are coming from US and (if you don’t live in the US) also from local numbers, many services use that service to send two factor authentication codes, so truecaller and sms filtering apps didn’t recognize the sms or phone numbers as suspicious. Sms messages also are in the language you speak, in my case Spanish, but in that moment I didn’t realize that I have all my devices and services in English and should get the sms in English. The sms number was sent to my personal phone number, not to the number of the SIM card that was on that phone, the sms includes iPhone model, capacity When you open the site you see a PERFECT iCloud site, with proper colors, perfect animations, responsive (works great in phones and desktop browsers), perfect canvas. They ask for a six digit code, I didn’t know what they’re asking for, so I called Apple. I

Report: Careful when you loose an iPhone I use Airbnb so people comes to my apartment, I went on vacations for a week, I decided to block my calendar so that I didn’t host anyone because my apartment was going to be alone and when I came back I noticed that my second iPhone was stolen.... Two days later I started receiving several sms messages telling me that my phone was turned on, connected to the internet, located, “changes were made to the phone”, etc... with a link to view the phone on the map. The url was http://appIeconnect.la/56556 Notice that there is an uppercase letter, when you open the site it becomes lower case, the url in reality is http://appieconnect.la/56556 The url they send has a number that identifies you and ONLY works when someone is attacking you. Because the link only works when someone is attacking, note that google chrome, safari and opera didn’t recognize the site as suspicious and didn’t raise an alert because they don’t use SSL. When browsers start raising alerts, they change the url. This is another example: http://icloudfound.com/56556 They are using amazon web services SMS service, so messages are coming from US and (if you don’t live in the US) also from local numbers, many services use that service to send two factor authentication codes, so truecaller and sms filtering apps didn’t recognize the sms or phone numbers as suspicious. Sms messages also are in the language you speak, in my case Spanish, but in that moment I didn’t realize that I have all my devices and services in English and should get the sms in English. The sms number was sent to my personal phone number, not to the number of the SIM card that was on that phone, the sms includes iPhone model, capacity When you open the site you see a PERFECT iCloud site, with proper colors, perfect animations, responsive (works great in phones and desktop browsers), perfect canvas. They ask for a six digit code, I didn’t know what they’re asking for, so I called Apple. I