Security Friday: Deluge of Unpaid Toll Scams, Hundreds of Apps Hijacked to Track You, and more

Hi Readers, Cullen here. Last week we mentioned Apple's privacy settlement and how most iPhone owners may be eligible for a small payout from Apple, but we didn't say how to apply.

View In Browser

This Newsletter Is Brought to You By:

Privacy & Security   January 24, 2025 Editor's Note Hi Readers, Cullen here. Last week we mentioned Apple's privacy settlement and how most iPhone owners may be eligible for a small payout from Apple, but we didn't say how to apply. That's because the details aren't public yet. We'll be sure to let you know how to apply as soon as we can find out. This week, two staff members at iPhone Life both got the same scam "unpaid tolls" text. You can see an example in this week's Test Your Security Skills section. Are you getting "Unpaid tolls" texts too? It's an epidemic! Amazingly, Brian Krebs over at Krebs On Security figured out where they're coming from, and even who is sending them. Scroll down to find out! Cheers! Cullen Thomas, Senior Instructor at iPhone Life IN THIS NEWSLETTER 🗒️✅ Your Security Checklist 🏆🎖️ Test Your Security Skills 🤨 This Should Be on Your Radar 📡 🍎📱Security Updates from Apple 🍎   🗒️✅ Your Security Checklist If you take nothing else from this newsletter, do these three things to protect yourself: Stay vigilant when it comes to text scams, whether they're claiming you owe toll fees or the USPS couldn't deliver a package. iCloud Private Relay helps prevent websites and apps from tracking you and collecting your data. Block apps from accessing your precise location by disabling Location Services. For a complete list of our top security recommendations, be sure to tune in to our upcoming course on cybersecurity for tech enthusiasts. In partnership with Surfshark Keep Your Number Off the Web Did you know every time you enter your phone number on a form or website, you're at risk for getting it leaked? With so many places requiring phone numbers, it's no wonder the amount of spam calls and texts has skyrocketed. Surfshark Alternative Number provides a virtual number to mask your real number from unwanted eyes. Don't give your number to strangers; put your privacy first. Sign up for Surfshark today for just $3.49/month plus four months for free!     🏆🎖️ Test Your Security Skills What should you do in the following scenario? While driving near Boston, MA, I got this message. The link is gray (instead of blue) and it won't open when I click it. What should I do? Follow the instructions and see if that makes the link work. Go to the ZipCash.com website in a browser (without clicking anything in this message). Delete the message and mark it as a scam. Scroll to the bottom to see how you did!   🤨 This Should Be on Your Radar 📡 Don't Do This One Trick: Hackers Bypass iMessage Protection If a link is sent by a new contact, the Messages app will "gray out" links to suspicious websites (such as those that are too new, use domain names too similar to those of major companies, etc.) In response, scammers have taken to trying this little trick to convince you to click the link anyway. Don't fall for it! You can see the trick in our unpaid toll scam example, above. Brian Krebs of Krebs on Security identified the scammers responsible for that one as the Chenlun SMS phishing group, from mainland China, who have recently added the functionality to generate these scam texts to their phishing software. (P.S. For an example, see our test your security skills question) The Bottom Line: If a link in an iMessage is gray (not blue) and unclickable, that's a big red flag. It will become blue if you reply to the message, so don't do that, and definitely don't click the link. Keep Your Number Off the Web (sponsored) Dozens of Popular Apps Are Exploited to Spy On You, and Hackers Stole the Data Hackers allege they have stolen a massive trove of data from Gravy Analytics, a service used by the Secret Service and others to track people's locations. 404media has the report on how the stolen data tells us which apps are being used to harvest user locations, possibly without the app's knowledge or consent. Apps include Candy Crush, MyFitnessPal, and Tinder, and many more. The Bottom Line: Using privacy-preserving web browsers, a VPN, and disabling location sharing with third-party apps all contribute to reducing the amount of location data (and other data types) that a data broker like Gravy Analytics can collect about you. Apple Intelligence Summarizes All Your News Notifications. What If It's Very Wrong? Apple Intelligence is under fire from journalists worried that its frequent gaffs could have serious repercussions when it's used to (incorrectly) summarize news headlines. The Bottom Line: You can disable AI Summaries of the notifications from news apps in Settings > Notifications > Summarize Notifications. In partnership with NordVPN January Deals for Our Favorite VPN A VPN service is a crucial part of your online security toolkit. It encrypts your data and routes it through a secure connection, hiding your data from prying eyes. Sign up for NordVPN today and get 72% off in an exclusive iPhone Life deal!   School Systems Hack: Names, Addresses, Some Grades Stolen from School Software Giant A maker of software for schools (used to track attendance, homework, etc.) reports it's had a cybersecurity incident affecting about 60 million students. You can see which districts are affected in the writeup from Bleeping Computer. More Info on Which Telcos Have Spies in Them Since the December hack of US and European telecommunications companies, more info has steadily trickled out. We now know most of the names of the companies compromised: AT&T, Charter, Consolidated Communications, Lumen, T-Mobile, Verizon, and Windstream, with two more as of yet unnamed. Use iMessages or Signal to encrypt your text messaging. Related: How to use Apple's iMessages Get 72% Off Our Favorite VPN (sponsored) New Version of macOS Malware Might Dodge Built-In Malware Scanning Security researchers at Check Point found a version of the Banshee infostealer malware that contains a snippet of code somehow stolen from macOS's built-in malware scanner, XProtect, possibly to allow it to dodge detection. More evidence that it may be worthwhile to run third-party malware scanning on your Mac. Apple Features Apps for Wildfire Relief Donations You can just open the App Store or Apple Music to find a link to donate to the Red Cross for wildfire relief in California. More from Apple Insider. In partnership with Incogni Start the New Year with a Digital Blank Slate Data brokers collect your personal information and sell it with just a few clicks. Incogni wants to help you take back your data just as easily by dealing with data brokers on your behalf. Sign up for Incogni today and save 55% using code IPHONELIFE.     🍎📱Security Updates from Apple 🍎 Everything you need to know about Apple's latest software updates. Introducing Apple Intelligence, Security Fixes, and Lots of Bug Stomping The most recent iOS and iPadOS is 18.2.1 The most recent macOS is 15.2 The most recent tvOS is 18.2 The most recent watchOS is 11.2 The most recent visionOS is 2.2   Security Skills Answer The correct answer was C! Besides the tricksy paragraph at the end (detailed in the news story above), deleting the message is safe to do in this case because of who sent it. There's no chance that email address is an official rep of a legitimate company; they would use a branded email address, not some random "gmx.us" email domain. If you selected B, you are probably safe too. It's usually safe to double check an incoming message by separately visiting the website of the sender, just make sure the service is legitimate and you visit its real website. Start the New Year with a Digital Blank Slate (sponsored)   Mission Statement There is far too much security and privacy news to cover it all. When building this newsletter, we look for scams, hacks, trouble, and news to illustrate the kinds of problems Apple enthusiasts may encounter in our private lives, and the self defense we can practice to keep our devices, accounts, and lives secure. Our commentary focuses on practical advice for everyday people. This newsletter was written by Cullen Thomas and Rhett Intriago and edited by Donna Schill.   Next Steps For a rundown on our top security tips, join us for our upcoming free intro class on cybersecurity for Apple enthusiasts. Interested in iOS 18's new Password Manager? Check out: How To Sort Your Passwords in the Passwords App What Are Compromised Passwords on iPhone?   Premium Content If you enjoyed this newsletter, you'll love all the security content available on iPhone Life Insider! This premium subscription includes: The complete iPhone Life Privacy & Security Course for Apple Enthusiasts and other free online courses taught by expert instructors In-depth guides on everything from security to iPhone photography to other Apple devices Daily, bite-sized video tips on topics ranging from iCloud security to password management A digital subscription to iPhone Life Magazine, where you'll find articles covering the best security gear, apps, and in-depth how-tos The monthly premium iPhone Life Security Newsletter covering everything you need to know to keep your digital life secure Access to the ad-free version of the iPhone Life Podcast and exclusive bonus content Expert help with all your most pressing Apple Watch questions in our private Ask an Expert Facebook Group Join the Insider community today and save 30 percent! Did we help with your security concerns? With your feedback, we can improve this security newsletter. Let us know how we did: 👍 Yes, this definitely helps me with my security 😐 Some of the content is helpful to me 👎 No, I didn't find this newsletter helpful