This Spyware Warning From Apple Is Actually Real
Apple sent alerts to users in 92 countries.
If you received one, don't ignore it.
If you received one, don't ignore it.
Jake Peterson July 11, 2024
Credit: Kaspars Grinvalds/Shutterstock
We get a lot of spam calls and texts these days, so it's easy to ignore cryptic messages about the security of our accounts and devices. But what if the text you received wasn't from some random number, but from Apple itself? And what if that text from Apple claimed you were actively being spied on?
“Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-...This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously.”
This isn't the first time Apple has sent users this type of warning. In fact, the company sent a round of warnings to users back in April, complete with the same message as noted above.
According to an Apple support document on the subject, the company has sent alerts multiple times each year since 2021, now to over 150 countries in total. The specifics of the attempted attacks are limited, since Apple doesn't want to reveal how it is able to detect the risks to users. While that's understandable, it means users are left knowing they're likely the target of a spyware campaign, but without knowing from who or where.
To be clear, the vast majority of users receiving these alerts are not your everyday iPhone customers. Most of the users Apple believes are being targeted by spyware work in high-profile positions that attract attacks from state actors. Think politicians, journalists, activists, diplomats, etc.—people who expose secrets or have power that other people in power would like to stop. Bad actors spend millions of dollars to target these users in elaborate spyware campaigns, attempting to install malware on their devices in an effort to spy on location, data, and activity.
Perhaps the most notable spyware of this kind is Pegasus, which was created by the Israeli-based NSO Group to spy on a host of high-profile targets the government sees as "threats."
What to do if you receive this alert
If you do receive one of these alerts, the first step is to ensure it's real. To do so, sign into appleid.apple.com and look for the threat notification at the top of the page. If Apple sent you one, you'll see it here. Otherwise, assume the message is fake. Apple says its alert will never ask you to click a link, open a file, or install an app or profile, so if the "alert" asks you to do this, ignore it. These are classic tactics to trick users into installing the very malware a true alert would try to protect you from.
The company also recommends you reach out to the non-profit Access Now and use their Digital Security Helpline. While they won't be able to offer you specific advice about your situation, they will be able to walk you through general steps to secure yourself.
Whether you receive an alert, or your work involves one of these at-risk positions, Apple strongly encourages you to enable Lockdown Mode on your Apple devices. Lockdown Mode restricts many of the basic functions of your Apple devices, to plug potential holes bad actors can exploit to compromise those devices. This includes blocking things like message attachment types, web technologies in Safari, and incoming FaceTime calls; removing your location from shared photos; and stopping configuration profiles from being installed.
As Lockdown Mode limits the features of your iPhone or Mac, it's not something that most people should use on a daily basis. However, for those who may be targeted by bad actors, it can be a great line of defense. You can follow our guide here to enable Lockdown Mode on your Apple devices to protect yourself.
No comments:
Post a Comment