Tech
Apple warns spyware targets via ‘threat notifications,’ offers these next steps – 9to5Mac
Did you know that Apple, for years, has had a system and process for sending ‘threat notifications’ to users of suspected spyware attacks? Here’s what that means, and new details on the guidance Apple gives users with a compromised device.
Spyware victims tend to be high-profile targets, not the average Apple user
Lorenzo Franceschi-Bicchierai writes for TechCrunch:
In the last few years, Apple has been sending notifications to targets and victims of government spyware, alerting them that they may have been hacked, and directing them to get help. Crucially, Apple doesn’t tell the targets to get in touch with its own security engineers, but with the nonprofit Access Now, which runs a digital helpline for people in civil society who suspect they have been targets of government spyware.
We first reported on these ‘threat notifications’ back in 2021 when Apple published a support document about them. That document, which was last updated on October 24, 2024, is available here.
It explains that if you’re the victim of a suspected spyware attack, you’ll be notified in multiple ways:
- A Threat Notification is displayed at the top of the page after you sign into account.apple.com.
- Apple sends an email and iMessage notification to the email addresses and phone numbers associated with your Apple Account.
The good news is that most users will never receive a threat notification, because the types of attacks they warn against are usually reserved for high-profile targets. As Apple puts it, those who are “individually targeted by mercenary spyware attacks, likely because of who they are or what they do.”
Threat notifications: next steps to take
Apple’s support document further explains what you should do if you receive a threat notification:
We strongly suggest you enlist expert help, such as the rapid-response emergency security assistance provided by the Digital Security Helpline at the nonprofit Access Now. Apple threat notification recipients can contact the Digital Security Helpline 24 hours a day, seven days a week through their website. Outside organizations do not have any information about what caused Apple to send a threat notification, but they can assist targeted users with tailored security advice.
So if you’re a suspected target of spyware, Apple won’t provide direct assistance itself. Rather, the company will direct you to the Access Now helpline.
Apple notes: “Outside organizations do not have any information about what caused Apple to send a threat notification, but they can assist targeted users with tailored security advice.”
Several cybersecurity experts TechCrunch spoke with praised Apple’s efforts in this area, saying that the introduction of threat notifications has ‘been a game-changer.’
Apple also provides the following security recommendations for all users, which can hopefully prevent the need for ever getting a threat notification. Users should:
- Update devices to the latest software, as that includes the latest security fixes
- Protect devices with a passcode
- Use two-factor authentication and a strong password for your Apple Account
- Install apps from the App Store
- Use strong and unique passwords online
- Don’t click on links or attachments from unknown senders
Have you ever received an Apple threat notification? Had you ever heard of them before now? Let us know in the comments.
Best iPhone accessories
FTC: We use income earning auto affiliate links. More.