Evgeny Chereshnev shared his personal experience and wrote an exhaustive guide that can help many people and warn against the consequences:
A smartphone was stolen from me the other day - a professional cyclist thief snatched it from his hands at a speed right in the city center and was like that. It can happen to anyone, anywhere in the world. Due to the professional deformation around IT, data, privacy and security, I was mentally prepared for the situation and knew what to do. Friends with whom I shared my story were advised to write a memo that can be used by everyone, even those who are far from IT. This text is this very memo. She will not return the smartphone to you. But, if it helps someone to reduce damage and save gray hair, it means that it was not in vain that you spent your time writing, and you - reading it.
In all fairness, most thieves are already aware that every smartphone is, in fact, a radio beacon by which you can always track the stolen. Therefore, they rarely leave it turned on - they almost immediately take out and throw away the SIM card, the phone itself is cut down and handed over for spare parts for a penny. Which is extremely disappointing - because the chances that, for example, my iPhone 12 Pro Max 512 will be trivially disassembled into a screen, a battery and several highly demanded microcircuits - tend to 100%. That is, a thief stole an extremely expensive device, and will receive either horseradish or (if he is an idiot) - a term for it. But this is not always the case. Sometimes you can get a real truck and a cart of problems. Firstly, in a number of types of theft (as in my case), the phone falls into the hands of a bad guy in an unlocked state and there is a riskthat the attacker will not specifically lock the device - it will keep it activated and extract the maximum benefit from it, which in theory he will have up to 24 hours (after which the protection system in the factory settings will work and again ask you to enter the PIN code, even if the phone is still pore unlocked). In the unlocked state, the thief has full access to all accounts, correspondence, credit cards (albeit limited), personal mail, calendar, contacts, private photos, settings, cards, and, through accounts like gmail / icloud and Facebook - also to the whole history of life, social connections and so on. At the same time, a thief can successfully pass two-factor authorization, for example, for payments or changing passwords almost everywhere - because SMS comes to the phone in his hands. If you became the object of a targeted attack - that is, the thief knew who you are, followed you for a long time and prepared to steal - it’s bad, because he probably already knows, for example, your phone number and your typical passwords that he bought from hackers or hacked myself in advance. For this case (if you are a tasty target), you need to write a separate instruction (let me know in the comments if necessary).Now we will proceed from the fact that you were simply out of luck and your phone was stolen - unlocked or locked - it is not clear.
1) The first task is to block the connection directly, that is, to make sure that the thief cannot use two-factor authorization. Take a look around - if you are in the city center - find any communication salon, hardware store (usually all demo samples are connected to the Internet there). You need a phone or network access to contact a cellular operator. In my case, I simply stopped a taxi, got into it, explained the situation and asked for a phone number. It took no more than 5 minutes from the moment of the theft to the call to the operator. The mobile operator has the technical ability to instantly do two things. First, to block the SIM card, which is already useful for protecting finances and accounts. Secondly (which many are not aware of), he can blacklist the phone directly. Every modern smartphone has a ton of identifiers, one of which is an IMEI number.
To find out your IMEI, type “* # 06 #" on the keyboard and press the call. Let it be a new feature that you will learn about your smartphone today.
The operator, at your request, can block IMEI and, even if a thief inserts a new SIM card, - cellular communication will not work for him, only WiFi. If the phone comes back to you, the operator will be able to unblock it for you. The
number of your operator is easy to find on the network, or if you just have a stupid phone from the 90s in your hands, dial 112 and they will help you. You will be surprised how cool they work in Russia and Europe. In any other country - use a local service number - in the states it is 911 and they will also help even with that. Because the loss of data and money is also an emergency situation.
2) From the same phone (taxi driver / waiter / seller / policeman) call one (so as not to waste time!) The closest person. That is why you need to know at least one phone number by heart - for such cases, for example. And in your voice calmly and briefly (!) Tell me what happened, that you are fine and that you should not be intimidated, if someone calls from your number or writes from your channels in social networks, most likely they will ask you to transfer money to something similar - make it clear that nothing threatens you and that nothing can be trusted after this call. Then ask the closest one to notify the other most needed people. In my case, my wife simply made a post on her Instagram and everyone who is needed found out.
No joke about the cops. There are a lot of bad rumors about them, but in general - mostly good people work there who will not leave you in trouble. Especially in this one. Feel free to contact a policeman or traffic cop if you see nearby. In addition, hot on the trail, they may still have time to do something. For, if you run it, the chances of catching a criminal are extremely small.
3) For all other steps, you need internet access. If you see any store in the Mvideo, IoN or ReStore format around - go there stupidly - all the baby stands are connected there. If not, your choice. My advice, as I said, is to stop a taxi (they are still, glory to the Singularity, are everywhere - in Moscow, in London, in New York, in Tokyo - we enjoy the last years before the unmanned transport, with which such history won't work anymore). Once in a taxi or on a ride, you can ask the driver for a phone number and the chance that you will be given it from understanding the problem is high. But, even if not - go home or to work - to where you have access to the Internet and money, because the taxi driver will have to pay off and, there is a chance that not for you, because you do not know whether you have left on your account money, or the thief has already withdrawn everything (this is unlikely,but still quite real).
The third option, instead of a taxi, is to find any cafe or restaurant with free Wi-Fi. The chance that the waiters will help you in some Coffeemania or Daily Bread is high. At least in Russia - for sure. In London, I had to pervert and exert myself.
4) Once you have access to the Network on a trusted home device (! This is quite important - if you started changing the password from someone else's device, you will need to change it again at home, because there is a chance that your password has been compromised / remembered on someone else’s device), the first what you need to do is log into your AppleID / Google account. In both cases, if you followed the recommendations of these companies when setting up, they will ask for two-factor identification via SMS - but, unlike the mass of services made by tyap-blunders, here people have thought out everything as it should and the procedure for changing the password without SMS in case of theft phone - is. You will need to answer 2 security questions and still have access to at least 1 mailbox. In this manual, we assume that you are acting quickly and the thief has not had time to change anything yet.That is why there is no need to waste time on blah blah blah and panic. Reset your password immediately. Your AppleID (iCloud) / Android (Gmail) account is the key to everything today. As soon as you reset this password, you can already breathe out a bit, because a smartphone in the hands of an attacker will no longer be able to perform any serious operation, even if your smartphone is in his hands and it has been jailbroken. The system will block it immediately.
5) Next, go to the iCloud / Android security settings and mark your smartphone as stolen. In both cases, this function is explicitly indicated. The system will prompt you to enter a message for the thief - you can give your contact (email / phone) and, or give a message about the ransom, or - whatever you want to show, you can even use foul language - no one cares. An attacker will see a message when the phone enters the Internet (that's for sure), and the phone itself will turn into a brick in his hands - neither restarting, nor dancing with a tambourine and a soldering iron will allow the smartphone to be returned to the state of a working device. After this step, the only one that will be able to use this smartphone is you, when you unlock it, following the reverse scheme.
6) Disconnect remotely all cards that you linked to Apple Pay / AndroidPay / SamsungPay.
Usually, the account interface will offer you this when you select “mark the phone as stolen”, but if for some reason this does not happen, do it manually. And Apple, and Google, and Samsung (they have their own additional software) give such an opportunity. The plastic cards themselves (if they were not stolen) should not be blocked and changed - the wireless payment modules do not have this information in plain text. Rather, the attacker will definitely not be able to see it. They are available only for you and in banking applications, which, in order to show the card number on the screen, necessarily ask for a pin code or authorization. Therefore, you should not worry here. At least if you are a client of a top-5 bank in your country.
7) Enable “Find my Phone” in iCloud / Google account. Every smartphone is a beacon. You can physically see it on a city map if your smartphone is connected to the Internet. If the device is shown on the map, you have a choice - go to the attacker yourself or call the police and say that you have a mark on the map. The police love quick cases solved, so the chances that they will fit in are great. A thief who will be taken with evidence in her hands - they will be credited in full. If there is a mark on the card, you are dealing with an amateur and there really is a chance to save the phone. But, since you are still dealing with a criminal, it is better not to risk it (because you can come with a ransom for a smartphone and lose both it and your pants - that you are being lured out "for live bait", and the criminal has experienced accomplices - too I must think) and or go with the police,or not go at all.
In my case, the phone was not on the card within 15 minutes after the theft.
In the same account, you can press the buttons "turn on the sound signal" and "perform remote erase". As soon as the stolen phone (or what is left of it) gets on the Web, it will start screaming wildly and, most importantly, it will erase everything that is stored on it. However, it is not worth worrying about erasing data - because if the phone is locked (and you have done everything by this moment to make it so), all the information on it is already encrypted and it will be impossible to read it (if you do not enter top 5 intelligence services in the world, of course), but, for the sake of form, it is still worth pressing both buttons.
7.5) Ideally, you need to change 100% of passwords on all services. Moreover, the passwords must be different everywhere.
8) Re-activate two-factor identification for 100% of services.
After that, you can go to the tasks of secondary necessity:
9) You need to replace the SIM card, because without it you are nobody. Your client bank does not work, you cannot order food in Yandex or Samokat, you cannot buy a smartphone with home delivery, because a payment above 3000r will most likely ask you to enter a code from an SMS. And you don't have a phone in your hands. In General, welcome to the real world, Neo. It's really scary how much is tied to a smartphone. Take your passport and go to the communication salon / store. Or, if the infrastructure of your city allows - call and order with home delivery. As a rule, you can order a duplicate SIM card right at the moment when you block the SIM card by phone support, but not always and not from all operators.
10) Don't count on getting your phone back. Or they will return quickly. Look for cash and go buy any smartphone. My advice is to always have a spare at home - just don't sell the old one - let it lie. It is for such cases. If you sold everything, you will have to buy a new one. Here, the main snag is again simple - without a confirmation SMS, the bank will not allow you to spend money on a good smartphone. Therefore, if you do not have a spare phone, you have two ways - either take it from someone, insert a SIM card, set up a client bank, order a phone / pay and return the borrowed device. Or, what works with normal banks such as Alfabank or Tinkoff - you can report the next operation by phone - say that you are buying a smartphone in return for the lost one and cannot confirm the SMS,- the bank will ask you to describe the purchase and its amount and give the code word and passport data. Then he will give the go-ahead for exactly 1 operation. The second scenario is not the best, as the bank may turn on paranoia and invite you to reissue all cards. What exactly overkill, if the cards themselves were not stolen from you.
11) Write a statement to the police.
Yes, that the thief will not be found immediately and the phone will not be returned to you on the same day - the chances are extremely high. Maybe they won't find it at all. But almost all thieves sooner or later come across - once, and most importantly - there is a chance that your device still pops up somewhere, because 100% of the detained phones, as a rule, are checked for "stolen or not." IMEI is easy to pierce. And if you told everything to the mobile operator, the police will always see a red flag and compare it with the one that was stolen from you. And the criminal won't get away with it. I made it out of principle.
12) After completing these 12 steps - safely restore a copy of your data from a cloud backup and come back to life. If no one has published an elephant's ass on your Instagram yet, you managed to protect yourself, because have already changed all passwords, and your smartphone is a brick in the hands of criminals. They will not be able to sell it now, except for spare parts. And if you screwed up everything, you could steal money, and steal accounts, and sell the phone as new.
Prophylaxis
Now - what is worth carefully thinking over and adjusting for the future. For example, I felt much calmer that I had the following features configured / active:
1) Both Telegram and WhatsApp support the function of an additional password at startup. Communication is an extremely important part of life and should be closed with an additional password. Not so that your wife / husband could not read your correspondence while you sleep, leaning your finger against the reader / poking a sleeping drunk face, but just for cases of theft - set another password.
2) All especially complex and confidential communications are best done in special messengers. I myself recommend Threema - they are located in Switzerland (and neutral jurisdiction is extremely important for privacy), and the implementation is paranoid, at the military level. The protection there is very high quality and no one will read anything even on a stolen phone, even if it was stolen unlocked.
3) Trivial advice, but do not trust electronic payments 100%. Have a small cache at home (you don't need to explain this to the peasants - we all have it, and if not, then don't lie :)), at least a basic cache (like Abramovich's is not necessary). It will definitely help you for those 2-3 days that you can sit without a phone and SIM card (I had to wait 3 days during the meeting).
4) I strongly advise you to have a spare smartphone at home and a pay as you go SIM card - that is, a prepaid SIM card that can sit idle for years and starts spending its balance only when you turn it on. It is definitely worth its 500 rubles - you will save a lot of nerves. I usually have a second phone with me. But this time, according to the law of meanness, I left him at home. It's a pity. For all important calls, including to the police, could be made in the first 2 minutes.
5) Have a credit / debit card at home that you don't use, that is not tied to Apple / Android Pay, and so on. Not overexposed, in slang. This card is your thread of life if your smartphone was stolen, and the bank blocked everything that was tied to wireless payment systems. Any bank today allows you to make as many cards as you want.
6) Backups. DO NOT underestimate the importance of backups. Keeping a copy of your smartphone in the cloud costs money. Typically, you will need to buy an expanded iCloud / Gdrive. But this is exactly the case when the miser pays twice. Set up a cloud backup so that your smartphone sends new data to the cloud storage every day, being charged at night. This will allow, in the event of theft, to return the phone as quickly as possible in the state in which you remember it. For example, I lost all chat messages in a day, everything else was restored. For the copy was made automatically and every day.
7) Do not be lazy to come up with new passwords and change accounts (email / password pairs) from time to time. It is clear that the basic reflex is to use the same password everywhere, we are not robots. But, alas, you can take a dare for such an approach. For if your password is stolen and you have it everywhere the same or differs in something like an exclamation mark at the end - a thing that even children-hackers know ... just imagine what a person, whose task is to cause you maximum harm, can do with it.
As one movie hero of the cult film "Hackers" said - "Boy, there are a lot of things in the world that are much worse than death, and they are all at my disposal."
I wish everyone never to face such problems.