Skip to Content
Apple ID sign in on an iPhone and Mac computer
Photo 57777292 © Alexey Boldin |
Security & privacy

Phone hacked? Apple says it will alert you if your iPhone is infected with spyware

Cybercriminals have countless tools to target victims. They develop these methods themselves or, unsurprisingly, lift them from others.

Earlier this year, authorities discovered cybercriminals were using military-grade hacking software designed by Israeli tech firm NSO Group. Research group Citizen Lab then revealed that NSO’s own clients were using the software to spy on journalists. Tap or click here for our report along with tips on protecting yourself from this dangerous vulnerability.

Apple rolled out security patches to prevent this type of government-sponsored spyware and now it’s going one step further: Apple says it will now notify owners if their iPhones and other devices have been compromised.

Here’s the backstory: Apple’s lawsuit

The NSO’s homepage says the firm creates technology that helps government agencies “prevent and investigate terrorism and crime to save thousands of lives around the globe.” Well, that sounds noble. There’s more to it.

Last week Apple announced that it’s suing NSO Group and its parent company for spying on Apple users. The complaint says NSO Group infected people’s devices using the firm’s Pegasus spyware. Apple is seeking an injunction banning NSO Group from using any of its software, services or devices. The tech giant says there is documented history of such software being used to target journalists, activists, dissidents, academics, and government officials.

Apple also revealed information on NSO Group’s FORCEDENTRY, an exploit that was used to break into a victim’s Apple device to install the Pegasus program. The exploit was discovered by research group Citizen Lab. Apple has since released a patch to fix the vulnerability.

Related: GoDaddy data breach: 1.2M user profiles, including passwords, exposed

Apple’s new alerts

Given the level of seriousness of these types of hacks, Apple says it will notify users when their Apple devices have been compromised by state-sponsored malware and spyware.

If Apple detects evidence of a state-sponsored attack, the targeted user will get a Threat Notification on the top of the page when signed into Apple will also send an email and iMessage notification to the account associated with the user’s Apple ID.


Don’t expect this to work perfectly. Apple says users may get a false alarm or a threat may miss detection.

You should also keep in mind that Apple will never ask you to click any links, open files, install apps or profiles or provide your Apple ID password or verification code by email or on the phone. Sign in to to verify any threat notifications you receive from Apple.

With just about anything security-related, criminals will try to use this new system to their advantage. Be careful and never reply to requests for your personal info, even if they seem to be from Apple.

Protect yourself

A little prevention goes a long way. Take these steps to protect yourself from all types of spyware, malware, ransomware, adware and viruses, state-sponsored or otherwise:

Keep reading

Government-related scams never end – Here are 2 new ones to watch for

Have guests staying with you? How to tell if someone has been snooping on your phone

Refer friends, earn rewards!

Why not share your source of digital lifestyle news, tips and advice with others? When your friends and family subscribe to Kim's free newsletters, you earn points toward awesome rewards!

Get rewarded