in

Apple warns spy ware targets through ‘risk notifications,’ presents these subsequent steps


Did you know that Apple, for years, has had a system and process for sending ‘threat notifications’ to users of suspected spyware attacks? Here’s what that means, and new details on the guidance Apple gives users with a compromised device.

Spyware victims tend to be high-profile targets, not the average Apple user

Lorenzo Franceschi-Bicchierai writes for TechCrunch:

In the last few years, Apple has been sending notifications to targets and victims of government spyware, alerting them that they may have been hacked, and directing them to get help. Crucially, Apple doesn’t tell the targets to get in touch with its own security engineers, but with the nonprofit Access Now, which runs a digital helpline for people in civil society who suspect they have been targets of government spyware.

We first reported on these ‘threat notifications’ back in 2021 when Apple published a support document about them. That document, which was last updated on October 24, 2024, is available here.

It explains that if you’re the victim of a suspected spyware attack, you’ll be notified in multiple ways:

A Threat Notification is displayed at the top of the page after you sign into account.apple.com.

Apple sends an email and iMessage notification to the email addresses and phone numbers associated with your Apple Account.

The good news is that most users will never receive a threat notification, because the types of attacks they warn against are usually reserved for high-profile targets. As Apple puts it, those who are “individually targeted by mercenary spyware attacks, likely because of who they are or what they do.”

Threat notifications: next steps to take

Apple finally admits CSAM scanning flaw | Apple privacy billboard

Apple’s support document further explains what you should do if you receive a threat notification:

We strongly suggest you enlist expert help, such as the rapid-response emergency security assistance provided by the Digital Security Helpline at the nonprofit Access Now. Apple threat notification recipients can contact the Digital Security Helpline 24 hours a day, seven days a week through their website. Outside organizations do not have any information about what caused Apple to send a threat notification, but they can assist targeted users with tailored security advice.

So if you’re a suspected target of spyware, Apple won’t provide direct assistance itself. Rather, the company will direct you to the Access Now helpline.

Apple notes: “Outside organizations do not have any information about what caused Apple to send a threat notification, but they can assist targeted users with tailored security advice.”

Several cybersecurity experts TechCrunch spoke with praised Apple’s efforts in this area, saying that the introduction of threat notifications has ‘been a game-changer.’

Apple also provides the following security recommendations for all users, which can hopefully prevent the need for ever getting a threat notification. Users should:

Update devices to the latest software, as that includes the latest security fixes

Protect devices with a passcode

Use two-factor authentication and a strong password for your Apple Account

Install apps from the App Store

Use strong and unique passwords online

Don’t click on links or attachments from unknown senders

Have you ever received an Apple threat notification? Had you ever heard of them before now? Let us know in the comments.

Best iPhone accessories

FTC: We use income earning auto affiliate links. More.





Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

GIPHY App Key not set. Please check settings

Amen Dunes: Loss of life Jokes II Album Overview

Is Christmas Eve a Federal Vacation in 2024? Biden’s Resolution Defined – Hollywood Life