The lessons I learnt from my iPhone mugging
Yesterday, I had one of the most unpleasant experiences of my life when I was mugged at knife point in broad daylight just metres from my front door. But I learnt a lot about how I could have allowed the police to better respond to a crime like this, and the actions that I needed to take to ensure my data was safe.
What was the robber after? My iPhone, according to the police, the target of many mugging attacks.
Here’s what happened. After arriving at my nearest London Underground stop, in North West London, I walked up a side street to my house. It’s a journey I’ve made hundreds of times and never one that I have been particularly concerned about my safety during. While walking, I received a text message, which I was replying to. I have to say that given it was 10.20am, I didn’t feel particularly at risk for having done so.
I was wrong, and from nowhere, a youth on a bicycle confronted me holding a knife. “Give me your iPhone” he shouted. I wasn’t sure how to react; I looked around while shouting “leave me alone!” But as I looked I became aware that there was no one else on the street.
The youth came closer to me, I was holding the phone, but he was on his bike and I did try and run, principally because I didn’t want to actually get into physical contact with him. He started grabbing me and somehow my iPhone cover seemed to get detached from the phone, leaving him with the cover and not the phone. “Don’t be f**king stupid!” he shouted, pushing a blade close to my neck. I gave up, giving him my phone and he cycled off.
I ran home, I’m not ashamed to say, crying. When I got there I immediately phoned the police while loading my iPad. The operator told me that officers would be with me in minutes, with their own iPad so that they could use “Find My iPhone” to see if the criminal was still in the area, the operator asked for my logins so that they could start looking while driving to me. I tried myself as well, but the location services settings on the missing iPhone appeared to have been disabled.
Within minutes, two wonderfully calming police officers arrived and we went out in their car to try and identify the robber. Had he have not turned off the location settings, it may have been possible to work out where he was.
I realised that, unlike when I had my phone pick-pocketed (I seem to have a face for this sort of thing), my phone wasn’t locked when it was stolen. I had already unlocked it to reply to the message. This meant that the robber had a lot more access to my device that they would have done if it had have been locked. Indeed, when my phone was pick-pocketed in New York, police were able to find the rough location of the phone, but were unable to recover it. But even knowing the rough location was only possible because it was still continuing to beam out its location until it was switched off.
Yesterday’s attacker appeared to have immediately switched off the location services settings on the iPhone. But I’ve since learnt that it’s possible to prevent someone from doing this. In addition, it’s important to ensure that the robber doesn’t turn off functions like “Find My iPhone”.
Here’s how you do it:-
(1) Open the settings function
(2) Touch General
(3) Select Restrictions
(4) This will ask you to set a Restrictions passcode. Chose one that is different from your unlock passcode
(5) Scroll down the list of restrictions until you find “Allow Changes”
(6) Open Location
(7) Select the “Don’t Allow Changes” option
(8) Go back to the Restrictions menu and select Accounts
(9) Then chose “Don’t Allow Changes”, this stops iCloud and Find My iPhone being disabled then repeat for “Deleting Apps”
This will mean that anyone who gets hold of your phone will find it very hard to stop it beaming out a location and it stops them from disabling iCloud and Find My iPhone
Of course this sort of trick only helps if the phone is still connected to your phone network. It’s likely though that you will choose to block your SIM CARD in case someone starts making a load of expensive calls. But it will be worth keeping it connected for a little while to see if the device appears on “Find My iPhone” or on iCloud.com.
But the other key thing that I started to consider was whether the person may gain access to my personal information stored inside my iPhone. As soon as the device locked, the robber would be in theory locked out because I always use an eight digit passcode (rather than the standard 4). But if they kept playing with the phone (maybe on wifi) then they would continue to gain access to my personal information.
So I considered what I would need to do to ensure they couldn’t access anything that wasn’t stored locally on the phone. Email is a treasure trove of personal information and would have allowed the robber to effectively gain access to my PayPal, Amazon, iTune and other online billing accounts. So first off, I changed the passwords for every single email service I use.
Then I thought about social networking in particular Twitter and Facebook. Changing the password on Facebook was easy at https://www.facebook.com/settings?ref=mb. Here you also have the option to force any apps on smart phones and tablets to be automatically logged out to ensure that who ever wants to access them is really you.
Twitter was harder and was in two stages. Firstly I went to https://twitter.com/settings/password and changed my password. But then I noticed that my iPad was continuing to access my Twitter account without the new password being stored. That’s because Twitter doesn’t automatically check that an application connected to it has the correct password. So I actually asked on Twitter for advice and found this page https://twitter.com/settings/applications where I found a list of all of the applications granted permission to access my account. For the iPhone and iPad access, I selected iOS by Apple and clicked on “Revoke access”. This meant that I’d need to login again to Twitter on each Apple device I use to connect to the social network.
Of course, you may need to follow similar steps for other applications on your phone such as PayPal, eBay or Google+.
Using Find My iPhone, I did try to remotely wipe the device after the police concluded that it would be unlikely that we’d spot him. But thus far, the request has not been successful.
But when it comes to the mugging itself, what did I learn? Perhaps that I shouldn’t be using my mobile phone, while I’m mobile, out and exposed in a public place. But given that is what they are for, it seems pointless advice. I’m certainly going to be more careful about where I’m displaying it. It’s too easy to forget that when it’s in your hands, you are literally holding a £700 piece of technology. It’s so much more valuable than a wallet, particularly given that most of us don’t carry much cash, and chip and pin in theory makes it hard for thieves to use our credit and debit cards.
The other thing I learnt, is how valuable it is to have my social media community around me in a time like this. Some of my Twitter followers have been out looking for a cyclist on that street (I assume he targets it regularly), others gave me really useful advice on how to deal with the technological challenges that the incident threw up.
It also meant that my family learnt about it differently. My grandparents saw that I was attacked on their Android while looking at Facebook while shopping. One of my sisters found out when she was emailed by a friend, who had heard from a friend that I had been attacked. My sister then asked my brother-in-law if I had been tweeting about something bad, and he then forwarded her the stream of tweets. My parents found out in the more usual way, I phoned from a landline, a number no-one had actually called me on before because everyone had my iPhone number, or at least they did.
Follow @benjamincohen on Twitter.
There are 66 comments on this post
Thank you this is really useful.
That’s awful. My mum was robbed in work years ago, guy held syringe of blood to her throat, told her he had Aids & he’d stick her with it unless she gave him all money from the cash register. Took her a while to recover. Hopefully guy who robbed you gets caught and you get your phone back, that may be wishful thinking but hey.
Reported
The fact you probably got pleasure in post this exposes some sad facts about the kind of person you are.
Sorry for your experience, but thanks for the useful advice none the less. I used to be a Police control room operator, and I have to say that alot of the people reporting night time street robberies of their mobile phone is because they were actually using it at the time, talking on the phone on the way home from the tube station. They held the mistaken belief that by being on the phone to someone, they were “safer” on their walk home. This sadly highlighted them as being in possession of an easily grabbable phone, and the attacker would either run or cycle past and grab the phone, or in some cases, as yours, threaten with a knife. Of course this does differ from yours in that yours was broad daylight. The weird thing is that had you not taken your phone out of your pocket, you would never have had the need to write this article. Crazy I know…
‘Sad but true’ that there are people like you in this world. Having a knife held to your throat must be one of the most terrifying experiences imaginable. What a truly nasty piece of work you are.
well said!
you’re not ‘sad but true’, just sad. and possibly a bigot, but hateful either way.
What a horrible experience – my brother was mugged at knifepoint in similar circumstances in central London last year and his iPhone stolen, so this struck a chord. Fortunately although he’d also been texting on his way home, his phone was locked when it was stolen, but he still changed all his passwords and did a remote wipe just in case. This is very useful advice for anyone who is ever unfortunate enough to find themselves in this situation, so thank you for reliving an unpleasant experience and taking the time to post this. I wish the police would have a major crackdown on this kind of crime: far too many muggers are never caught.
For ‘sad but true’ – you’ve obviously never been on the receiving end of something like this if you can say such things. My brother is tall and strong and can hold his own, but the muggers were so practised at what they do that he never heard them coming and never stood a chance. He was badly shaken up and cried too. No shame in that. No, it may not be the wisest thing to text or use an expensive phone in public, but we all do it. Any one of us could find ourselves in the wrong place at the wrong time and taken completely by surprise, you…
Thanks very much for this information Benjamin, have now put passcodes on everything! Sorry for your awful experience. I was burgled a few years ago and that felt like an appalling invasion, must be so much worse to have been physically threatened and so close to your home too. I actually always have felt a bit cautious about using my phone on the street or outside a tube station and will be even more careful now.
Come on. Sorry you had to go through it, not nice. BUT. Chalk Farm+£700 toy being waved around+nice middle class meeja boy skipping home+’Gangsta’ yoof riding round on bike. Der/doh!
I guess you would just pee yourself! I think having a knife held at you is a wee bit more frightening than the loss of the phone. Given Ben was at the Blackbery PR do when somebody got stabbed a few weeks ago and eventually died I cant blame Ben for crying.
If he took your advice this blog could of been replaced by his obituary. I’m glad Ben chose to hand the phone over rather than take the stupid advice you gave.
8 character PIN? How do you do this~?
Settings > General > Passcode Lock > (enter 4 digit passcode if it is already set) > Simple Passcode – slide to off.
This allows you to use any type of password and not be restricted to four digits. It brings up the keyboard for unlocking rather than the simple numeric keyboard. Even setting as little as four letters is a lot more difficult to break than four digits.
Settings > General > Passcode Lock > Simple Passcode > Off
Terrible thing to have happen. I was mugged and after an initial struggle gave up my bag. Remember – everything can be replaced except your life. It’s not worth trying to be a hero. I recommend the book The Gift of Fear by Gavin de Becker which I read after being mugged. Had I read it beforehand I would have been a lot wiser.
My partner and I were mugged near home in Vauxhall by a gang of youths. We were not using our phones at the time. We tried to walk away from them but were attacked and beaten and now have facial scars. The police didn’t seem that interested and said it is happening all the time.
What I find annoying is that Apple could easily block the phones remotely (when requested by police) as the phones each have a unique hardware id. As it turns out, we moved to cheaper Android phones.
It’s nothing to do with Apple – it’s the carriers who decide what phones are on their networks and what sims work etc.
I’ve always thought any phone reported stolen should be unusable once the victim of theft reports the IMEI number of the phone – but as far as I’m aware this has never been the case.
Not sure why the phone carriers choose to support criminality – suppose it could be something to do with profiting from the sale of a new phone to replace the old one and not wanting to turn down ongoing bills from whoever ended up with the stolen phone.
Amazed that this practice has been allowed to go on for so long – but hey, what do I know about business and ethics?
Thanks for the advice Benjamin! I was attacked by two ‘youths’ last year when as I was walking home from work in West London. I didn’t have my phone out, they just took a punt that I’d have an iPhone(because who doesn’t!?) They hit me over the head with a log, punched and kicked me repeatedly. I also broke a few fingers punching one of them in the face. I think if I’ve learnt anything from my attack it’s to just hand your phone over. When they kept shouting at me to give it to them, I told them I’d had it stolen the previous night in a club. I eventually managed to escape, with my phone intact and up my sleeve, although I was missing some teeth. I think they made an assumption that because I’m a slim woman at 5’7 I’d be an easy target. I wouldn’t recommend ‘fighting back’ to anyone but who knows, if I hadn’t fought back maybe worse would have happened? Thankfully the wonderful Poilce caught one of the boys and he’s now serving time behind bars… Is this part and parcel of life in a big city, or can we do more to stop this from happening?
Good advice but: I was under the impression that all a thief has to do it turn the iPhone off in order to stop location services and “find my iPhone” from working. Then they just restore it as a new phone and it’s lost.
I had my iPhone stolen last year and I’m pretty sure that’s why I was never able to track it: they just turned it off.
Sad but true – keep your inane comments to yourself in future
Sorry to hear of your frightening ordeal, Ben.
Good advice about Restrictions passcode and denying location changes, but is it not the case that unless you also disable changes to ‘Accounts’ then the thief could just delete your iCloud account and in turn switch-off the Find my iPhone service?
Even simpler: carry a gun. Oh wait, in the UK you’re not allowed to carry a gun, thanks to fascist politicians and straw-man arguments against guns. Ah, you Euro-peons, pissing away your rights and your freedoms. Well done!
See, nobody will ever threaten me with a knife to take my iphone. Because I will shoot him. And before anyone says “that’s wrong!” or similar, it’s his own damn fault. A knife is a lethal weapon. If you threaten me with one I must assume you want to kill me. It’s you or me. And better you than me.
So robbers can then run around with guns instead of knives? Great! I can see how well that works out in the good old US of A, so much so I find it very hard to believe that anyone from a sane first world country would ever voluntarily choose to live in the US.
To be honest, it’s much safer everyone not carrying guns…
i think you are right. Because when they take the right of carrying a weapon away from the people the only thing the achieve is that the people is not going to be able to defend. Gun carry laws affect only good civilians, not thives, they are going to get weapons anyway
Also good advice is to register your property (not just phones) on the National Property Register. http://www.immobilise.com
When the police stop and search they will run a check on property such as bikes and phones and it will bring it up that it belongs to you.
Sorry to hear of your misadventure.
Here’s a secure enough method I use:
Go into General – Passcode lock: Set “Require Password” to “Immediately” and switch “Erase Data” ON. Make sure you’re iTunes backup is set to encrypted. This will both encrypt the data on your iPhone and will always prompt a user to enter a passcode upon initial screen lock.
Now when your phone is stolen, the bastards will not easily have access to your data when hooked up to PC – they would have to break the encryption. Additionally, the “Erase Data” option will kick in after 10 failed passcode attempts.
If you sync your Iphone with a gmail account (at least a Google Apps domain account) you have to option to remote wipe the device.
Good luck out there.
An unarmed, untrained person should never, ever attempt to trump a prepared person with a lethal weapon over some hundreds of dollars of personal property. Maybe the kid would chicken out, but he is already pulling a knife on someone in cold blood, so he’s just as likely to go through with it.
Berating people for not being stupidly willing to risk their lives over a phone is disturbing.
Here’s another tip but it could piss them off so use your judgement.
Have the cloud setting turned on for photos and the moment someone hassles you, take their photo using the quick photo option on the pin entry screen. It will immediately get sync’d to your cloud (photostream) account and voila, a picture of the culprit.
iCloud photo stream only works on WiFi so they would have to connect the iPhone to their WiFi for you to ever get the photo.
THANK YOU so much for posting this information. I am immediately sharing this with everyone I know. I am so sorry you lost your phone to some stupid cowardly thief, but I am so grateful you have shared this information with the rest of us. BLESS you.
I’m glad you got a good service but shortly with 20% Police cuts and services being privatised you will be lucky to get a Police response. Have you seen the Police Rally Plans in London protesting on the Winsor recommendations which will see policing decimated in the UK and replaced in many cases by private contractors. Join the #protectourpolice campaign before it is too late.
You poor chap, I’m amazed at how quickly you are able to post such helpful information. Thank you very much.
Very helpful article… I wasn’t even aware of the Restrictions function. I don’t have an iPhone but it applies to my iPad.
I was attacked by 2 guys a few weeks ago who wanted the phone in similar circumstances: I was replying to a text whilst walking home. I decided to resist and after a bit of a brawl was lucky to get away. Don’t think I have ever run faster! Still shaken up though. Difficult dilemma, as you say: if you don’t use the phone whilst out and about, the criminals have sort of defeated you. And once confronted and attacked do you run, fight, or hand it over? The knife definitely adds something: if I had seen them pull out a knife (they did not) I probably would not have resisted. But since they were hitting me anyway, I thought, might as well try and escape… Part of it is pride and anger as well – you want to resist.
Unless you format said iphone. then all your fancy s***won’t do jack all.
which anyone with google and a pc can do.
Nice try applefan nice try
The sooner someone comes up with an App that released a huge red boxing glove on a spring and connects with cunning timing the better. It could perhaps be loosely based upon the one Data had in the Goonies. Always thought that invention had legs, well arms.
SBT, Ben works hard with one of the best teams of Journalists in the UK. He has a successful career and meets all sorts of people in his profession.
You troll the web leaving nasty comments to make yourself look hard, when in actual fact you’re probably feeling the weight of that big chip on your shoulder!
Maybe you would feel differently if it was you!
Ironic, Sad, but True!
@jTemplar if you make it “Restricted” to delete an app you’re ok! I thought that was clear… Might tidy up above!
Thank you for sharing this sad and cautionary tale.
“Sad but True”, you’re so brave and strong… but it is always easy to be courageous when you are not the one being mugged.
One lesson to be learned from this is not to fiddle with a phone when you are walking around – you are not as aware of your surroundings, and you are advertising a “sweet piece of kit” to the easily tempted. I often use a Bluetooth headset, keeping the phone out of sight when making calls while moving around (and ALWAYS while driving), partly for this reason.
And finally Cyril… I was born and raised in London, now live in the US. I have to say that it is nice to see that banning guns there has worked out so well. Over here they would let the thief take the phone… then use swift and deadly force.
“Over here they would let the thief take the phone… then use swift and deadly force”
… and then spend the next decade or two in a hell-hole prison for manslaughter.
I think I’d rather live my life as it is – but thanks for the info.
Sad but True, is that your description of yourself? It’s that lack of sympathy you display that is dragging this country down the pan and turning us into Texas.
Why did you waste your energy typing, what did you think you’d achieve. Making yourself feel smug cos it didn’t happen to you? Well, i hope it never does, which may surprise you.
Benjamin knows it’s too late for him, he’s telling us the mistakes he made to help others – remember that concept? It used to be what Brits did….
Nasty business, sorry to hear about it. Sad But True, your mum just called and your pyjamas are pressed and warming by the fire. Off you trot.
You might want to have a look at this free tracking software. I have no connection with the company at all and haven’t used it in anger so don’t know if it works. http://preyproject.com/
Thanks Ben.
The time of day that it happened (happens) is frightening too. I have my wits about me at night but don’t think twice about wafting my iPhone about in the daytime.
Will be more careful in future.
Hope the git gets caught.
FYI, Twitter still worked because it uses a technology called OAUTH. It allows application to have *their own* credentials to your account. Changing your Twitter password does not affect the credentials the app has for itself. This is why you need to “revoke access”. It’s one of the ‘catches’ of OAUTH.
The same holds true for apps that have access to Google…changing your Google password typically does nothing. It’s the App’s credentials that need to be revoked/changed.
It is certainly not something I would cry about, however it would shake me up i’m pretty sure about that. Kids these days have no morals, parents don’t care and the government doesn’t care either.
I don’t have an iphone, I am sure if I took one in the street near my flat they would be queuing up to snatch it from me, the point I am trying to make is that while technology is wonderful, showing it off in public does paint somewhat of a bullseye on your back.
I do hope the police catch the little ****, unlikely but I can’t stand knife crime and the cretins deserve everything they get. (Your iphone not included)
I had an near identical experience last year (way home from work, iPhone, youths, knife, handed it over). It’s horrible. I’ve lived in London for a long time and have never experienced something like this. I tried to do the find my iphone but they’d turned it off, I suspect.
To be honest, the experience wasn’t nice. I felt kinda stupid just handing it over. Apparently they’re not interested on what’s on the phone, they just want the device which gets sold abroad. None of these people are clever enough to actually do anything with the data on it.
Thanks for sharing your experience.
You should have downloaded and set your ring tone to the Nokia tune…. He wouldn’t have looked twice at you then….
Though you don’t sound at all technical, you’re a savvy businessman. I thank you for the information on the restrictions password. It should be handy to mobile and iOS device owners. In San Francisco CA the top
reported crime is mobile theft. Following the UK’s lead, and with congressional
prodding, US carriers, along with the FCC, will compile a hot phone database which will be used to have the stolen devices disabled.
One of corporate security’s headaches is managing theft in BYOD environments. An employee leaves a laptop at the train station.
How much of its data was encrypted? Do they now have to remote Wipe all your mobile devices? In some scenarios you would say goodbye to your personal data, even if it had resided on the
devices that weren’t stolen.
Airplane mode. He turned on airplane mode.
Doesn’t work for iphone 3g unfortunately!
Turning your country “into Texas”? You, sir, don’t have the flippingest idea what you’re talking about.
~ Gentleman from Texas and damn proud of it
Well Wizard Prang is advocating deadly force against children – that’s nice. Sadly the truth is that the mugger is more likely than you are to have and use a gun when guns are common and easily obtainable. Worst case – a surprise attack and he has possession of YOUR gun.
I was just going to add that setting the restriction on removing apps and also requiring your iTunes password every time would also be sensible. Ultimately, having a record of your IMEI should allow the phone to be locked and traced by the network operator too but that doesn’t seem to work in practice – not sure why.
Really helpful information. Obvious changes to make when you think about it!
So sorry to hear of your horrible experience. A friend of mine literally days before you was mugged too. Thank you for sharing everything you have learned from the experience – I am putting the tips in action with my own phone, and sharing it with everyone I know – with a clear message to be careful out on the streets when using your mobile. Someone I know uses headphones when out and about so their phone can’t be seen which I think is a good tip too.
Makes me feel better about living in a countryside village where I’ve never even had to lock the door.
Good points, but why would someone with access to the phone go to the trouble of disabling find-my-iphone, deleting apps, fiddling with iCloud etc., when all they need to do is turn on Airplane mode before rummaging through your stuff? It’s easy to then restore it at their convenience.
Another idea is to always carry an old broken phone in your pocket so when your approached you just hand it over.
Well, if I have learnt anything from reading the article and the comments, it’s to stay the hell out of London
We don’t need a remote-wiping, we need remote battery exploding.
Drop your phone and stamp on it! No use to anyone then.
Thank you for sharing, I really appreciate that. It’s a real shame it happened. I hate stories like that, makes me want to go on the street and hunt for thugs such as the one who attacked you!
At least thanks to your post some people will learn how to protect their data.
Thank you!
What an idiot “sad but true” is. Also reported comment, should have been deleted by now really.
It’s terrible that this happened to you, and I commend you for trying to make lemonade out of lemons by giving people sensible advice.
However, even with these very advisable settings changes, many thieves now know that you can disable Find My iPhone, no matter the settings that have been applied, merely by doing one of two things:
1) Immediately turning the iPhone off by holding down the power button – this works even if the screen is locked.
2) AND/OR immediately removing the SIM card. Assuming the iPhone is out of range of a known Wi-Fi network, this renders the data connection needed for Find My iPhone to work null and void.
Until Apple addresses point 1, I am afraid Find My iPhone will only work with amateur, opportunistic or first-time thieves and not organised phone robbery outfits.
Happened to me on Chalk Farm Road last night, just one metre from my front door. Cycled up to me from behind (I didn’t notice – earphones in) and snatched the phone from my hand and sped off. He was going pretty fast because the force snapped my earphone cable in two…
Got upstairs to my mac in less than two minutes, but the device was already off (or in airplane mode), rendering Find my iPhone useless.
I wonder just how useful the remote erasing is – with the SIM already blocked, how will it connect to the internet to know that it should be wiped? I can only hope that they don’t care a bit for the data and have restored it from new already.
Good news about those other restrictions, though. Will definitely look at those with my replacement phone. Thanks Ben.
Goodness that’s exactly what happened to me yesterday in Highbury @ Islington at noon, however there was people in the street and I scream to them to stop the guy on the bicycle while I was trying to chase him but everyone seemed deaf. I also seem to have a face for it as it has been two phones in less than a year!!
I did have the useless app when switched off of find my Iphone however i set it up remotely in lock mode with a message that reads THIS IS A STOLEN PHONE followed by my number probably a silly thing but when this happens any measure looks good.