The Deutsche Telekom has issued a warning about a devious scam specifically targeting smartphone users during summer vacations. After a theft, criminals exploit manipulated messages to take control of victims’ Apple ID or Google accounts.
Scammers Exploit the “Lost Mode” for Phishing
This scam targets users at their device’s security features. When the “Find My” function or “Lost Mode” is activated after a theft, the lock screen displays a message for honest finders along with an alternative contact number or email address.
Thieves utilize this information to contact victims directly, posing as the finders aiming to return the device. These messages often include phishing links that lead to fake login pages. If users enter their credentials there, the attackers can take over the account, remotely wipe the device, and access sensitive data such as photos, emails, or payment services. Hundreds of customers have already reported such incidents.
What Travelers Should Keep in Mind
IT security experts and Telekom advise several protective measures. After a theft, users should immediately block their SIM card with the provider. Passwords for crucial accounts should never be entered through links in SMS or messenger applications.
Do not remove the stolen smartphone from the Apple or Google account, as this would disable activation lock, allowing thieves to reset the device. An IMEI number is required for filing a police report. Before traveling, users should back up data in the cloud and install all system and app updates.
A digital expert also recommends avoiding public Wi-Fi hotspots abroad or using them only with a VPN. Additionally, beware of “juice jacking”: public USB charging stations can be tampered with to extract data. It is safer to use personal chargers.
AI Makes Phishing More Dangerous
The risks for travelers are increasing due to the use of artificial intelligence. Security researchers from McAfee show that AI models can now identify the location of vacation photos with about 91% accuracy. Criminals use this location information for personalized phishing campaigns, posing as local hotels or banks.
Trade associations are also observing a significant surge in so-called “quishing.” This involves harmful links hidden in QR codes, which saw a 146% rise in the first three months of 2026. The threat from deepfakes and AI-driven shock calls with cloned voices is also considered high by investigative authorities.
Legal Strengthening for Account Hacking Victims
For users whose accounts were compromised despite caution, there has been a legal strengthening. The Higher Regional Court of Rostock ruled that social media platforms must promptly provide clear and German-language information about an incident following a hacker attack.
Victims have a contractual right to regain their access. Automated English-standard emails are insufficient, especially amid specific abuse risks. If platforms do not respond to legal deadlines, they will bear the costs.
Smartphones store more sensitive data than any other device, making them prime targets for criminals. By following these precautionary measures and being aware of current threats, users can better protect themselves in today’s digital landscape.

