This Apple Spyware Warning Is Actually Real
We receive a lot of spam calls and text messages these days, so it’s easy to ignore cryptic messages about the security of our accounts and devices. But what if the message you received wasn’t from some random number, but from Apple itself? What if that message from Apple claimed that you were being actively spied on?
While this situation sounds like classic spam, it’s actually not: Apple actually sent users alerts warning them that they could be the target of “hired spyware attacks.” According to Apple, the company sent out an alert on Wednesday at 12:00 pm PT to users in 92 countries. You can see an excerpt from the warning below:
“Apple has discovered that you are the target of a mercenary spy attack that is attempting to remotely compromise the iPhone associated with your Apple ID -xxx-… This attack is likely targeting you specifically because of who you are and what you do . While it is never possible to be absolutely certain when such attacks are detected, Apple has full confidence in this warning—please take it seriously.”
This is not the first time Apple has sent users such warnings.According to Apple’s support document on the matter , the company has sent alerts multiple times per year since 2021, now to a total of more than 150 countries. This limits the specificity of attack attempts because they don’t want to reveal to users how they manage to detect risks. While this is understandable, it means that users remain aware that they are likely the target of a spying campaign, but do not know who or from where.
One user who received the warning on Wednesday posted screenshots of the message on Reddit . The user received a similar message on August 29, 2023, which Apple also refers to in its new message. The company clarifies that this is not a repeated warning; rather, the user was victimized a second time.
To be clear, the vast majority of users receiving these alerts are not your typical iPhone shoppers. Most of the users Apple believes are exposed to spyware are in high-ranking positions, which leads to attacks from government agencies. Think about politicians, journalists, activists, diplomats, etc. d. – people who reveal secrets or have power that other people in power would like to stop. Attackers are spending millions of dollars to target these users in elaborate spying campaigns, attempting to install malware on their devices to track location, data and activity.
What to do if you receive this warning
If you receive one of these warnings, the first thing to do is make sure that it is real. To do this, log into appleid.apple.com and look for the threat notification at the top of the page. If Apple sent you one, you’ll see it here. Otherwise, assume the message is fake. Apple says its alert will never ask you to click a link, open a file, or install an app or profile, so if the “alert” asks you to do so, ignore it. This is a classic tactic to trick users into installing the very malware that this warning is trying to protect you from.
The company also recommends that you contact the nonprofit Access Now and use their digital safety hotline . While they won’t be able to give you specific advice regarding your situation, they will be able to tell you general steps to stay safe.
Whether you’re receiving a warning or work in one of these high-risk jobs, Apple strongly recommends that youturn on Lock Mode on your Apple devices . Lockdown mode limits many of the core functions of your Apple devices to close potential holes that attackers could use to compromise your devices. This includes blocking things like message attachment types, web technologies in Safari, and incoming FaceTime calls; removing your location from shared photos; and stopping installation of configuration profiles.
Because Lock Mode limits what your iPhone or Mac can do, most people shouldn’t use it on a daily basis. However, for those who may fall victim to criminals, this can be an excellent line of defense. You can use our guide here to enable lock mode on your Apple devices and protect yourself.