SecureMac, Inc.

Checklist 318: Let’s Not Be Victims

March 3, 2023

How to avoid AirPods theft; iPhone passcodes and physical security; and making AirDrop safer.

Checklist 318: Let’s Not Be Victims

This week on The Checklist by SecureMac:

  • Protecting your iPhone passcode—and your iPhone
  • Keeping your AirPods on your own head
  • Steering clear of AirDrop pranksters 

Shoulder surfing and your iPhone

According to a recent article in 9to5Mac, criminals are spying on people in public to learn their iPhone passcodes—and then stealing their iPhones. The potential impact of this crime is huge, since not only do criminals have your iPhone, they also have access to all of your accounts and data.

The folks at 9to5Mac have some suggestions on how to prevent this:

  • Use biometric authentication (i.e., Face ID or Touch ID) when in public.
  • Shield your screen from view if you must use your passcode in public.
  • Replace your 4-digit or 6-digit passcode with a unique alphanumeric passcode.
  • Remove sensitive account passwords from Keychain—or store them in a third-party password manager that can’t be unlocked with your iPhone passcode. 

Yoink go the AirPods

Moving from iPhones to AirPods, an AppleInsider piece reports that thieves are stealing AirPods right off of people’s heads in New York. According to the Insider, the bad guys sneak up behind unsuspecting pedestrians, grab their AirPods, and make their getaway on a moped.

Thankfully, no one has been physically harmed in these thefts. But it raises the question: How can one use $549 wearable electronics without risking theft?

There may not be a satisfactory answer. One option is to use AirPods in Transparency mode, which allows background noise to filter through to a user’s ears and, hopefully, help them to be more aware of their surroundings. 

The more reliable security measure, however, is the tried and true one: Avoid displaying flashy, expensive, and easily snatched belongings when you’re walking around a major metro. 

AirDrop grounds an airplane

Another recent 9to5Mac story tells of a student who caused a panic on his flight when he began to AirDrop photos to fellow passengers—after he’d changed his iPhone name to “I have a bomb.” 

The youngster in question ended up in juvenile detention, and the FBI was called in to investigate. The incident is a good example of why Apple decided to make it harder to leave AirDrop open to “everyone” in iOS 16.2. Beginning with that update, iPhone users could only use AirDrop in “everyone” mode for 10 minutes at a time. 

So why did the other passengers on this plane receive a stranger’s AirDrop notification? There are a couple of possibilities. Presumably some of them simply hadn’t updated their iPhones to the latest OS—the iOS 16.2 release was only in mid-December, and the aforementioned incident happened in February. Others, however, may have been using older versions of iOS because their devices couldn’t support iOS 16. 

But in either case, most flyers on that plane still shouldn’t have received an alarming AirDrop. If you’re using a device that supports the latest version of iOS, you should always keep it up to date. And if you’re using an older version of iOS, make sure that you don’t leave AirDrop open to “Everyone.” Use the “Contacts Only” or “Receiving Off” settings instead. For details on how to make that change, check out Apple’s AirDrop support page.

Get the latest security news and deals