[blog.rayfoo] Infosec, DFIR, tech geekery, thoughts and whatnot

25Jan/12

Definitions

Quoting from Anton Chuvakin's slides in his presentation in 2006 at FIRST:

Log analysis is (the) trying to make sense of system and network logs.

Computer forensics is (the) application of the scientific method to digital media in order to establish factual information for judicial review.

So...

Log forensics is (the) trying to make sense of system and network logs, in order to establish factual information for judicial review.

Makes sense, maybe I've been googling for the wrong keywords all this time! Till of late, I've been looking at this field largely from a data mining viewpoint.

23Jan/12

Things to do before (and when) you lose your phone

Had the harrowing experience of losing a phone for a while. Coupled with having to look for it in the rain (could have been dropped somewhere), it's certainly not something anyone would want to go through.

Just like in incident response, two things held true:

  • If you don't have an "incident" response plan, you're only going to panic (a lot more) when it happens.
  • Doing an AAR (after-action review) helps!

There are things that can be done to make the loss/theft of your phone a lot less traumatic, and possibly less painful if you really don't get your phone back. They happen to be the things that you could do when you get a new phone.

Preparing for what should not happen:

  • Note down IMEI of phone (dial *#06#)
  • Set up phone tracking/remote lockdown. Apple users have MobileMe / iCloud for iOS. There are ways to do so for Android too. Remember to set a good password which is not reused anywhere else!
  • Note down details of the taxis that you board (taxi company, license plate, make/model of taxi). Takes getting used to though.


What to do when phone's stolen/lost (in order)

  1. DON'T PANIC, knee jerk reactions are not what you want!
  2. Recall when you last used/saw the phone. Retrace your steps and narrow down the possibilities on where to search. Confirm that it was indeed dropped somewhere/in the taxi.
  3. Lock phone remotely if you can, and haven't locked it already (Apple's Find My iPhone allows you to do that if you've set it up already). For the average Joe who picks up the phone, it makes the world of difference between a phone that he/she can use straight away and one that he/she is better off returning.
  4. Call in 5-15 minute intervals to locate/get someone's attention to the phone. Don't call non-stop as there's no point in spamming your phone, especially if it's going to result in a flat battery which is worse off.
  5. Leave a message for any would-be finder to be able to contact you and return the phone. You could use the phone tracker, or simply SMS/WhatsApp/etc. Many phones show the message contents without having to unlock the screen (!!!).
  6. Locate the phone, mainly to see if it's trivially retrievable (left on the floor somewhere, or the taxi is stationary), or for the police report to come later.
  7. Call for help (taxi company). There's an awesome list of Singapore taxi companies' numbers out there.
  8. Lodge reports, especially when your chances of getting the phone back are slim, or when it's been a while since you've been able to find it/get it back. For the phone itself (property) and any other items of importance that were lost together with it, like identity cards, call the police or make use of the SPF's e-services to lodge a report. Credit cards that were with the phone should be cancelled regardless of whether you get the phone back or not, since there's a high likelihood that someone else has seen your CC number and CVV. You do NOT want to go through the additional heartache and trouble of undoing credit card transactions by the unscrupulous.

That's all for now. Stay safe, and stay calm ;)

Edit: I guess if this happens you could just skip straight to locking the phone and calling the police.

17Jan/12

A day of firsts to remember

First run and dinner with folks from the office, but more importantly, the first time my wife met friends from the office, which took almost two whole years from my first joining this place, probably no thanks to what had happened in the days of the K...

Also first run in bloody hot weather, thank God we didn't get heat stroke or anything.
