- Apple is marketing a security feature after the WSJ revealed it can be used by iPhone thieves.
- Thieves have reportedly taken up to $10,000 through iPhones by using the Apple ID reset feature.
- One victim of the iPhone theft scheme said that Apple wasn't helpful in addressing the issue.
Thieves have reportedly taken thousands of dollars through iPhones they've stolen — yet Apple is marketing a feature that may be making it easier for criminals to do just that.
Earlier this week, Apple made a post on X, previously known as Twitter, that included a short video on how Apple users can change the passwords to their Apple ID accounts.
"Can't remember your Apple ID password? It's easy to reset right on your iPhone or iPad. Here's how," the post said."
It comes just months after a Wall Street Journal investigation revealed that the feature has been used by thieves to lock users out of their accounts for nefarious purposes.
In response to Apple's post on X, Joanna Stern — who was one of the Journal's reporters involved in the investigation — expressed her frustrations over the tech giant promoting the feature.
"I absolutely cannot believe Apple is marketing this as a feature," Stern wrote on X. "This feature needs to be changed. Not marketed."
According to the WSJ's investigation, thieves go to places like bars and watch potential victims enter their passcodes to unlock their iPhones. After that, the thieves can swiftly steal their target's iPhone and use the passcode to change the phone's Apple ID password. That way, victims are logged out of their iCloud accounts.
In turn, the thieves can disable the "Find my iPhone" feature, sign out of trusted Apple devices like Mac Books and iPads, and change a trusted phone number, the WSJ reported.
By locking users out of their iPhones, thieves have reportedly stolen up to $10,000 from users' bank accounts — either directly or through third-party cash transfer apps like Venmo and Zelle.
In response to Stern's post, John Gruber, a popular tech blogger, chimed in with his own thoughts on Apple's marketing. While Gruber said he wasn't surprised that Apple continues to promote the feature — he claimed "a lot of people wind up using this" — he said he found it hard to believe that Apple doesn't seem to be taking the necessary measures to make it safer.
"Harder to believe is they don't offer a way to disable it, or that using the feature doesn't have a waiting period or something, to mitigate the abuse you've documented by thieves," Gruber wrote.
Stern's assertion that Apple hasn't done much to address the vulnerability may ring true for some victims of the iPhone theft scheme.
Reyhan Ayas, a New York-based economist who got her iPhone stolen last November, previously told Insider that Apple's support team "was not helpful at all" when she tried to regain access to her iCloud account.
Even though Ayas said she got locked out of using her MacBook laptop and was the victim of the thief stealing thousands of dollars from her bank account — and even of the thief opening an Apple credit card under her name — Apple kept asking "have you tried Find my iPhone?" when she sought assistance, she said.
"Of course, I tried it like minute three, I tried it," Ayas told Insider in reference to the "Find my iPhone" feature. "Like, this is a joke to you. My entire life is a shambles, yet you're still asking if I tried it."
Still, it appears as though Apple hasn't taken the feature's vulnerability that seriously. When reached for comment, Apple told the Journal that while the company extends sympathy to victims, incidents of iPhone theft enabled by the feature are uncommon since they require stealing the device and its passcode.
"Security researchers agree that iPhone is the most secure consumer mobile device, and we work tirelessly every day to protect all our users from new and emerging threats," an Apple spokeswoman told the Journal.
Apple, Stern, and Gruber didn't immediately respond to Insider's request for comment for this story.
