Recently I made reference in several venues to an article that described a sophisticated and interesting exploit to steal iOS credentials from a stolen Apple iPhone.
The core element of the article was that when the owner discovered the theft that he activated “…all the ‘send me email when the phone returns online’ checkboxes….” Some eleven days later, the owner received an email and a SMS that the phone had been found. All the owner needed to do was to log-in to iCloud to see the location where the phone was.
The only problem was that the message was a spoof of iCloud. It was a classic phishing attack designed to capture the owner’s credentials.
This episode brought back to mind an example of a similar style ruse that an attacker could possibly perpetrate against a FileMaker Pro file.