If you think Apple’s ‘Find My’ feature was just there to help you locate your phone when it slipped down the side of the couch, think again. It turns out this service also helps law enforcement capture criminals.
The original “Find My iPhone” was introduced in 2010 as a feature on the iPhone. It was a separate service from “Find My Friends,” which allows you to track the location of contacts who consent. Apple merged these in 2019 for iOS 13. Today, the service works with AirPods, Macs, and even third-party devices. It uses Bluetooth to send short-range signals that can be picked up by other Apple devices, which then relay the lost item’s location to Apple. When you open your iPhone to locate a missing device on a map, that’s what you’re using.
It turns out that “Find My” is great for finding stolen devices too.
On Christmas Eve last year, a phone theft victim used the service to track their stolen device. The signal led police to a warehouse near Heathrow Airport containing almost 900 stolen phones destined for Hong Kong.
This discovery prompted police to launch Operation Echosteep, an investigation that lasted nearly a year. By its end, it had resulted in 46 arrests following raids across 28 locations. Police in the UK recovered over 2,000 stolen devices, exposing a criminal network that was smuggling up to 40,000 phones each year. The stolen devices eventually ended up in China, where they could sell for a high price.
Phone theft is a scourge in London, with street thieves on e-bikes turning this nefarious activity into a business. They can sell the phones they steal for £300 each (around $400). They will usually wrap devices in aluminum foil to block tracking signals.
This isn’t the first time a phone has been tracked. The Financial Times reported in May about a tech entrepreneur named Sam Amrani, whose phone was stolen in Kensington, London. He tracked his phone’s journey all the way to a neighborhood in Shenzhen, China, that is known for its second-hand phone market. Even phones that are activation-locked to avoid data being stolen can still be stripped for parts, retaining up to 30% of their value.
Lawmakers in the UK have voiced concerns about the growing phone theft problem. At a Parliamentary hearing in June, they asked Apple and Google why they weren’t doing more to build anti-theft measures into their systems.
Every device that connects to a mobile network has a unique identification number called an International Mobile Equipment Identity (IMEI). When a device is reported stolen, its IMEI can be added to a global “blacklist” managed by the Global System for Mobile Communications Association (GSMA). Mobile networks can then block that phone from connecting.
However, this system only works in countries where carriers actively enforce the blacklist. Many don’t—which means a phone stolen in one country can still be sold and used in another.
That’s why lawmakers want Apple and Google to go further. As Member of Parliament, Martin Wrigley, complained at the hearing:
“You can stop this by blocking IMEIs on the GSMA IMEI blacklist, and you’re just deciding not to do so yet.”
If Apple and Google also refused to activate or connect GSMA-blacklisted devices to iCloud or Google accounts, those phones would become useless anywhere in the world. That would make stolen phones far less valuable and could significantly reduce theft.
The UK government isn’t waiting for tech companies to act. In February it introduced the Crime and Policing Bill, giving the police new powers to search premises where stolen devices have been geolocated—without needing a warrant.
In the meantime, what can you do to protect yourself? Keep your phone in your pocket, preferably an inside pocket, and don’t walk down the street blithely holding it to your ear or gazing at the screen. Use earphones if you need to talk, but stay alert to your surroundings. That’s good advice for anyone, anywhere—whether they’re using a phone or not.
We don’t just report on phone security—we provide it
Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.
