Action plan in case your phone is stolen

[CarderPlanet]

Hello everyone, or rather good morning. Pavluu with you. Today, our phone is almost the center of our universe, because all 2fa are tied to it, in which we store passwords (special of us), our cryptocurrency wallets inside our mobile, etc. It's a risk, right? Today we'll talk about how to act in case of loss / theft of your phone.

STEP 1. BLOCKING, SEARCHING, ERASING
Any protection can be bypassed, so the first thing we should do after the loss or theft of a smartphone is to block it and try to track the last location.

And in which case, just erase all data from memory. All this can be done both with the help of tools built into the OS, and using special software such as Prey and other anti-theft software. The first option is always available, even if you have not installed anything on your smartphone, so we will consider it.

Android
1. Open Device Manager in the browser.
2. We select the desired device in the list. Click the small location icon. If the smartphone is "online" - its position will appear on the map.
3. Using the "Block" command, put a digital password on the smartphone and enter a message that the thief will see. We also indicate the number that the thief can call to return the smartphone (an oxymoron!).
Using the "Clear" command, you can delete all data from the smartphone (and if the smartphone is not currently connected to the Internet, the operation will be performed as soon as the Internet appears). However, keep in mind that the memory card will remain intact, since there is nothing to look for except for photos and a cache of games on it. Two life hacks:

• All described operations can be performed from another smartphone / tablet using the (surprise!) Device Manager application;
• Google recently launched a Timeline service that shows all the places your devices have visited (along with driving directions).

iOS

1. Open the iPhone search page or launch the Find iPhone app on another iOS device.
2. We select the device and see its geolocation on the map.
3. We turn on the "Lost Mode". It allows you to remotely lock your device with a four-digit password and display a customizable phone number message on the lock screen to leave an attacker free to surrender. All data can be deleted from the device in the same way. But after this procedure, it will be impossible to determine the location using the Find iPhone application.

But the Activation Lock feature will remain on, which means that no one can use your iPhone until they activate it with their Apple ID. Activation Lock is automatically disabled after unlocking the smartphone from Apple ID.

Windows Phone

1. Go to the address of the Microsoft device.
2. We select the phone and click the item "Phone search". We see the map.
3. We press "Block" and follow the instructions. If a password has not yet been set on the phone, you will need to enter it. It will be used to unlock.

By the way, I advise you to enable the Phone Finder service in advance. It will save locations every few hours to make it easier to locate your phone. To activate it, in the settings, check the box next to the item "Find phone".

SIM card
We call the mobile operator and ask him to block the SIM card. Operators usually do not immediately block the SIM card, but for some time send messages to it with a request to return the stolen phone.

STEP 2. DISCONNECTING FROM THE CLOUDS
Modern smartphones are completely cloud-based. Google, iCloud, Dropbox, Facebook, Vkontakte, Twitter are all cloud services, and we use them every day. Of course, if a smartphone falls into the hands of another person, it will automatically gain access to almost all of your life, from mail and calendar to personal files from Dropbox. However, in most cases, it will not be difficult for us to untie the smartphone from the clouds, and for this we don't even have to change passwords.

In the case of Android, the first cloud to disconnect from is, of course, Google. To do this, open the page of applications associated with the account, click on the name of the lost / stolen device and click "Delete". This action will completely disconnect the device from Google, which means from the market, Gmail, calendar and a bunch of other services of the company. Only cached data (mail, for example) will remain on the smartphone. At the same time, Device Manager will continue to see the device and show its location. As for other services, I have prepared a short list with instructions.

• Dropbox. We open the security page. On the "Devices" and "Connected Applications" tabs, disable the lost device and the applications that were installed in it.
• "In contact with". Go to the application settings, then find the required application and click "Remove".
• Twitter. We go to the list of connected applications, click "Close access" next to the required applications.
• Facebook. Open the list of applications, click "Finish action" where necessary.
• Skype.We change the password, there is no other way out.
• Instagram. We also change the password.
• "Classmates". We turn off all devices at once. Yes, just all at once.
• Viber. Quick and convenient remote blocking, message clearing in this messenger is not provided. To do this, you will have to contact their support service and wait for a response (and blocking) for quite some time. Convenient messenger, isn't it?
• Telegram. If the web client was activated through the number of the lost smartphone and you did not clean the cooke, then you are lucky. You can block a stolen device through a browser from your computer. To do this, open the Telegram website, then "Settings -> Active sessions -> End session" near the desired device.
• WhatsApp. It will fall off by itself some time after changing / blocking the SIM card.

It is worth noting that all this is protection against logging into an account from a device. None of the services mentioned use a password to log in with a mobile app. Instead, each device is issued a token, which in most cases will only give access from that device. The password itself will remain intact. Almost all other well-known services work the same, not to mention e-wallets and mobile banks. Although changing your password or even a bank card, of course, will not be superfluous.

STEP 3. WE WRITE AN APPLICATION, LOOKING FOR SHARES
If it was not possible to find the phone or it turned out that it was in the hands of an outright gopot, we turn to the police and get ready to stand in lines for a long time and write a lot of statements. The method is not very effective, or rather practically ineffective, but what the hell is not kidding. The following papers are required:

• passport;
• Original packaging with an IMEI number (of course, this number will not be accepted on a piece of paper);
• a receipt confirming the purchase.

Life hack 1: if you write “loss” and not “theft” in the application, then the time for processing papers and transferring the application to the security service of the telecom operator will be slightly reduced.

Life 2: call and ask how things are going, otherwise they will just be scored on him.

It will be correct to go to the points of sale of second-hand phones. It is also worth looking for a phone at flea markets such as Avito, as well as in local classifieds newspapers and similar places. Just in case, we leave the data of our device on sites that allow potential buyers to check phones by IMEI for criminal origin. A popular collection of IMEI stolen phones. On this, in general, everything.

WILL THE PROTECTION MEASURES WORK?
OK, let's say we couldn't find the phone. But we put a PIN on the lock screen, the smartphone has a fingerprint scanner, and the manufacturer probably took care of our data. Well, let's try to figure out if this helps.

PIN
In most cases, a pin code and pattern guarantee 99% data safety, but only if we are talking about iOS, Windows Phone or an Android device with a locked bootloader, for which no protection has been found. In this case, even if the person who found your Googlephone unlocks the bootloader by legal means, the smartphone will be automatically reset to factory settings. On the other hand, if the bootloader has already been unlocked, then no protection system will help. It takes two minutes to remove the pin code via custom recovery.

Third party anti-theft
The problem with all third-party antivirus is that almost all of them are defenseless against a hard reset or flashing. The only thing that stands out from the crowd is a special version of Avast Anti-Theft for rooted smartphones. In addition to a bunch of functions, it has tremendous survivability and not only registers itself in the system partition under an innocuous name (to withstand a reset to factory settings), but also places a script to restore itself to /etc/addon.d, from where custom recovery scripts are automatically launched before / after flashing.

In fact, this means that even if a person installs any other firmware via custom recovery, the anti-theft will still remain in place. Fingerprint recognition systems It might seem that a fingerprint-based protection system is almost perfect in the event of a lost / stolen smartphone. The thief or the finder of the smartphone hardly knows you and certainly cannot have access to your fingers. However, there is another side to the coin. At the Black Hat conference in Las Vegas, Tao Wei and Yulong Zhang of FireEye showed that fingerprint scanners on Android devices are vulnerable to dumping the fingerprint itself.

In fact, this means that if someone "opens" your lost smartphone, they will be able to take possession of not only your data, but also fingerprints, and apart from the passwords you will not change them.

The problem exists on the HTC One Max and Samsung Galaxy S5, but is missing on the iPhone - it stores the image encrypted.

Sony My Xperia Theft Protection (MXTP)
The latest Sony Xperia models, starting with the Xperia Z3 +, M4 Aqua, C4, Z4 Tablet, have My Xperia Theft Protection. It is integrated into the bootloader itself and, if activated, tightly locks the smartphone. Even if after that you flash your smartphone using PC Companion or FlashTool, when you turn it on, you will still be prompted for a password from your Google account. You can activate it in the security settings under "Protection with my Xperia". But do not try to enable the function after unlocking the bootloader, it will turn the smartphone into a brick.

• Apple's Activation Lock, Samsung's Reactivation Lock, Windows Phone Reset Protection, Activation Lock is an add-on to Find My iPhone that links the device to the owner's account. The innovation in iOS 7. The principle of operation is simple: even after a factory reset, the iPhone cannot be activated without the Apple ID and password of the previous owner (which is very often used by ransomware sellers).
• Reactivation Lock is a very similar feature from Samsung. It is available on all of the company's flagships, starting with the Galaxy Note 3 and Galaxy S5. After turning it on, the devices will require a password to reactivate the device after a rollback to the factory settings, or even to start the rollback itself (depending on the settings). Specially for Reactivation Lock, smartphones have a special memory area protected from hardware reset.
• Reset protection is a protection system similar in functionality to those described. As conceived by Microsoft, it will not allow an attacker to bypass the password by hard reset and / or the subsequent launch of a new custom firmware or downgrading the Windows Phone version. Available from Windows Phone 8.1 GDR2 (Update 2) and higher. Located in Settings -> Find My Phone.
• Qualcomm SafeSwitch is a hardware-based Kill Switch that is activated at boot time. According to Qualcomm, the system makes the smartphone as resistant to hacking as possible. Available starting with Snapdragon 810.