What to Do if Your Phone Is Lost or Stolen

One of my regular podcasts is Security Weekly News. A recent episode covered "Dealing with loss, phone loss." It's almost 42 minutes long and very detailed. I'm just going to share one of the items by one of the hosts. Take a deep breath and dive in.

What to do if your phone is lost or stolen: practical steps to restore peace of mind

• “IMEI now. *#06#—write it down off device.” 
• “Find My ON – iPhone and Android. Test it at icloud.com/find or android.com/find.” 
• “Strong passcode + biometrics. Avoid birthdays.” 
• “Lock the lock screen controls.” 
• “2FA everywhere.” 
• “SIM PIN – physical SIM and eSIM.” 
• “Backups on.” 
• “iPhone: Stolen Device Protection ON; know Lost Mode.” 
• “Android: Find My Device Network; Secure Folder/App Lock.” 
• “Emergency: Lock & locate; carrier kill SIM; IMEI blacklist; change passwords; police report; don’t chase.” 
• “Scams: Fake ‘Find My’, extortion texts. Don’t click, don’t reply. Forward spam (7726; KSA 330330). Keep Lost Mode ON.”

As soon as you find your phone is missing Try to locate your phone with Find My on Apple or Google, if you have it turned on. You can use a browser on a computer, tablet or even a friend’s phone.

Remotely lock your phone using Find My and mark it as lost, which helps protect your data, blocks the use of Apple or Google Pay and can leave a message on the screen for anyone who finds it. You can also remotely erase your phone from here too.

Contact your network provider and block your sim to stop thieves running up bills. Also ask it to check for any new “charge to bill” activity and to disable the feature.

Contact your credit card company for any cards you have stored on your phone and disable Apple or Google Pay.

Report the theft to the police and give them your phone’s IMEI number, which may be on the box, in your Apple or Google account or their Find My services.

Contact your insurance company if you have phone cover.

Change your passwords for important accounts. Start with your email account so that thieves can’t gain access to your other accounts through password resets.

Remove your phone from your accounts and services, which will log it out and stop thieves accessing saved details.

When you get a new phone, get back your old one, or before something goes wrong, there are some steps you can take to help if you lose it again:

Set a strong pin, a short screen lock time out and turn on biometric fingerprint or face scanners to help keep thieves out of your phone.

Turn on Find My on your phone in settings, which allows you to locate it, lock it or erase it remotely via a web browser or another device.

Turn on Stolen Device Protection in settings on an iPhone, which blocks access to passwords, pins and credit cards without your face or fingerprint.

Turn on Theft Protection in Google settings on Android, which locks your phone when it detects it has been snatched, enables remote locking, locks the phone if it goes offline and prevents access to passwords, pins and other settings without your face or fingerprint.

Set a sim pin in your phone’s settings, which stops thieves being able to use your phone account by transferring the sim or esim to another phone.

Take note of your phone’s IMEI (serial) number – dial *#06# to see it.

Use biometrics for any and all banking and other sensitive apps that support them to block access for anyone other than you.

Disable access to quick settings, Siri or Google Assistant/Gemini and notifications when your phone is locked. This prevents thieves reading two-step codes, turning off internet access, making calls or accessing data.

Back up your phone’s data and settings using iCloud on an iPhone or Google Drive on an Android phone.

Back up your photos to the cloud using iCloud Photos, Google Photos, Amazon Photos or other service.

Old Wives' Tales

Maybe not exactly, but kinda like that.

You've probably heard lots of "conventional wisdom" about digital security. Recently I came across a good article (archive.org) that refutes many of these recommendations.

1. Avoid public WiFi
2. Never scan QR codes
3. Never charge devices from public USB ports
4. Turn off Bluetooth and NFC
5. Regularly “clear cookies”
6. Regularly change passwords
   And I'll add one...
7. Keep your "tap" cards in a secure wallet

Even as you retire these recommendations, there are several that you should add.

1. Keep critical devices and applications updated
2. Enable multi-factor authentication (“MFA”, sometimes called 2FA)
3. Use strong passphrases
4. Use a password manager
   And again, I'll add one...
5. Use passkeys

The source article is a MUST read.

Liar, Liar, Pants on Fire

AI failures or hallucinations are getting to be a theme of my posts.

Our family is considering a trip to Europe next summer. When we realized that it would take 3 flight legs to get there, I went to Microsoft's Copilot for help.

Looking at flying from Memphis to Vienna. What is the flight with the least connections?

Copilot was quick to respond:

The flight from Memphis to Vienna with the fewest connections typically has just one stop,

most commonly in New York (JFK or LGA). There are no direct flights available.

And gave me details about total duration, layover times and booking tips.

I followed up:

Show me the details of the Delta and Austrian connection.

Copilot gave me pages of Flight Details, Booking & Amenities, and even Tips for Smooth Travel.

The only problem was that Delta didn't show that connection.

I don't see that connection from Delta.

Copilot fessed up.

You're right - Delta does not currently offer a seamless connection from Memphis to Vienna via JFK with Austrian Airlines. While Austrian operates direct flights from JFK to Vienna, Delta's Memphis-to-JFK segment doesn't consistently align with Austrian's departure times, and the two airlines don't coordinate on a single ticket for this route.

My reply.

Then why did you offer that to me?

Copilot's reply.

You're absolutely right to call that out - and I appreciate your sharp eye.

I initially offered the Delta + Austrian connection based on a common routing pattern (Memphis to JFK, then Austrian to Vienna), which can sometimes be pieced together manually. But I should have been clearer: that route isn't currently offered as a coordinated itinerary by either airline, and booking it would require separate tickets and careful timing - which introduces risk and complexity.

Just a total waste of my time.

Here's the whole dialog.

PowerShell Scripts by Copilot

Ok, I've been down on AI (Artificial Intelligence). But it's not all negative.

I'm good at writing IBM mainframe assembler language but not so much with PowerShell scripting.

Recently, I "needed" a tool to tell me when Windows Defender had run on my PCs and what the results were. In that this was on Microsoft's Windows, I went to copilot.microsoft.com.

After a little bit of coaching, Copilot gave me an excellent script and a batch file to run it.

Here's the output:

Here's the script:

$scanTypes = @{ '0' = 'Quick'; '1' = 'Full'; '2' = 'Custom' }

$triggers  = @{ '0' = 'Unknown'; '1' = 'Scheduled'; '2' = 'Manual'; '3' = 'Real-time'; '4' = 'On-Demand'; '5' = 'Startup' }

Get-WinEvent -LogName "Microsoft-Windows-Windows Defender/Operational" -MaxEvents 100 |

  Where-Object { $_.Id -eq 1001 } |

  ForEach-Object {

    $xml = [xml]$_.ToXml()

    $data = $xml.Event.EventData.Data

    [PSCustomObject]@{

      TimeCreated = $_.TimeCreated

      ScanType    = $scanTypes[$data[3].'#text']

      Trigger     = $triggers[$data[5].'#text']

      Threats     = $data[10].'#text'

    }

  } | Format-Table -AutoSize

Read-Host "Press Enter to exit"

Here's the batch file:

powershell -NoExit -ExecutionPolicy Bypass -File "DefenderScanSummary.ps1"

That worked so well that I tried again.

I use Drive Snapshot to backup my systems. I wanted to be able to look at the external drive and see when each system was last backed up.

So I went back to Copilot.

Here's the script:

$usbDrive = "E:\"  # Change this to match your USB drive letter

$report = @()

# Get all system folders

$systemFolders = Get-ChildItem -Path $usbDrive -Directory

foreach ($folder in $systemFolders) {

    $systemName = $folder.Name

    $backupFiles = Get-ChildItem -Path $folder.FullName -Filter *.sna -File -ErrorAction SilentlyContinue

    $logFiles = Get-ChildItem -Path $folder.FullName -Filter *.log -File -ErrorAction SilentlyContinue

    # Get most recent backup

    $latestBackup = $backupFiles | Sort-Object LastWriteTime -Descending | Select-Object -First 1

    # Determine backup type from last 3 characters before .sna

    $latestType = "Unknown"

    if ($latestBackup) {

        $baseName = $latestBackup.BaseName

        if ($baseName.Length -ge 3) {

            $suffix = $baseName.Substring($baseName.Length - 3)

            switch ($suffix.ToLower()) {

                "ful" { $latestType = "Full" }

                "dif" { $latestType = "Differential" }

            }

        }

    }

    $latestDate = if ($latestBackup) { $latestBackup.LastWriteTime } else { "None" }

    # Calculate total size of backups

    $totalSizeMB = if ($backupFiles) {

        ($backupFiles | Measure-Object Length -Sum).Sum / 1MB

    } else {

        0

    }

    # Check for errors in logs

    $errors = @()

    foreach ($log in $logFiles) {

        $logContent = Get-Content $log.FullName -ErrorAction SilentlyContinue

        $logErrors = $logContent | Select-String -Pattern "error|failed|exception" -CaseSensitive

        if ($logErrors) {

            $errors += "$($log.Name): $($logErrors.Count) issues"

        }

    }

    $report += [PSCustomObject]@{

        System       = $systemName

        LatestBackup = if ($latestBackup) { "$($latestDate) ($latestType)" } else { "No backups found" }

        TotalSizeMB  = [math]::Round($totalSizeMB, 2)

        Errors       = if ($errors) { $errors -join "; " } else { "None" }

    }

}

# Display the report in PowerShell output

$report | Format-Table -AutoSize

So the AI tools aren't completely useless!

WOA, Finally

Just a day short of 6 years ago, I wrote about WOA - Windows on ARM. Finally it's here. I've enjoyed my MacBook Air's power management and fan-less operation. My Intel-based ThinkPads suck down battery and are slow to resume from sleep or hibernation.

A former co-worker shared with me that he had found a refurbished ThinkPad X13s on eBay for $231. This was a nice discount from the original list price of $2,169.

Here's a good review (archive.org) on the X13s. The X13s is running a Qualcomm Snapdragon processor, an M.2 512GB SSD and 16GB of RAM. It weighs just over 2 pounds with a 13.3" screen.

The eBay unit arrived in excellent condition with a clean install of Windows 11 Pro ARM.

The easiest way to explain how it is to use the X13s it that it is just like a MacBook Air M2 but running Windows. It is fan-less and the battery life is hours. Pretty much, you only need to plug it in overnight. During the day, just set it down and close the lid. Pick it up hours later and it is instantly just where you left it.

The ARM processor is well supported by applications and when necessary, Windows runs the x86 app in an emulator. The only app I've found that needed an explicit ARM version was DriveSnapshot and there was already an ARM version.

It's not the fastest laptop I have but it is fine for web browsing and Office documents.

My Devices

This is a list of the non-phone devices beside my chair:

• ThinkPad X390
• Apple MacBook Air M2
• Apple MacBook Air early 2015
• Apple iPad Pro 11-inch 3rd generation
• Lenovo Tab M9
• Microsoft Surface Pro 8
• Asus Transformer Mini 

Creepy, Just Creepy

We've all had those experiences where something shows up on the Internet that we were just talking about, not searching for something, just talking with a friend.

Recently I've had 2 such experiences. First, a friend of my wife fell down on an escalator and a man jumped from the opposite side of the escalator to help her. My wife related that to my daughter and within hours my daughter got a Facebook reel of soldiers jumping from one side of an escalator to the other to help a fallen person. There never was a search, nor an email, nor a text regarding this, just a verbal conversation.

The second was when I saw a story on a local over the air broadcast news program about a nearby town that was hit by a tornado. The town had established a "burn pit" to dispose of all the debris. The next time my wife and I were in the car, I shared this with her. That evening, I got this Facebook reel:

There never was a search, nor an email, nor a text regarding this, just a verbal conversation.

What's the common thread? The Facebook app on an iPhone. This is more than creepy, it's EVIL!