• January 2, 2024

    Improve Your Digital Security in 2024 with These New Year’s Resolutions

    Happy New Year, and welcome to 2024! For many of us, starting a new year means reflecting on fresh habits we’d like to adopt. Although we support any resolutions you may have made to get enough sleep, eat better, exercise more, and reduce social media usage, allow us suggest a few more that will improve your digital security and reduce the chances that bad things will happen to you online. Read more
  • October 31, 2023

    Faster Copying of Two-Factor Authentication Codes from Messages

    One welcome feature of Safari is its automatic detection and auto-filling of SMS-based two-factor authentication codes you receive in Messages. It allows you to complete your login quickly, without having to retrieve the code from Messages. But what if you use a different Web browser, like Google Chrome, Firefox, Brave, or Arc? Apple doesn’t allow other developers access to those codes in Messa... Read more
  • October 26, 2023

    Stay Alert! Voice Phishing Used in Recent Ransomware Attacks

    All it took for MGM Resorts International to be compromised with ransomware was a quick phone call, which some now call “voice phishing” or “vishing.” An attacker using LinkedIn information to pose as an employee asked MGM’s help desk for a password change, after which they were able to install ransomware. MGM is now up to Read more
  • October 24, 2023

    Forget Your Just-Changed Passcode? iOS 17’s Passcode Reset Has Your Back

    The hardest time to remember your iPhone or iPad passcode is right after you’ve changed it. Generally speaking, there’s no reason to change your passcode, but if you inadvertently or intentionally shared it with someone with whom you wouldn’t trust your bank account information, changing it to something new is a good idea. We could also imagine a child who knows your passcode changing it on you... Read more
  • October 3, 2023

    Want to Password-Protect a PDF? Follow These Best Practices

    We periodically field questions about password-protecting a PDF to prevent the wrong people from reading it. Lawyers want to ensure that drafts of legal documents don’t fall into the wrong hands, financial advisers want to keep confidential financial information private, and authors want to prevent their writing from being shared broadly on the Internet. Others don’t worry so much about a docum... Read more
  • September 28, 2023

    What Should You Do about an Authentication Code You DIDN’T Request?

    We strongly encourage using two-factor authentication (2FA) or two-step verification (2SV) with online accounts whenever possible. The details vary slightly, but with either one, after you enter your password, you must enter an authentication code to complete the login. Although it’s always best to get such codes from an authentication app like Read more
  • September 5, 2023

    Beware Executive Imposter Scams Aimed at New Employees

    We’re hearing about new hires who receive an email or text from someone claiming to be the CEO of their new company, asking the employee to carry out some small task like sharing personal information, purchasing a gift card for a client, or wiring funds to another business. The new employee, eager to make a good impression and lacking the context of what’s reasonable, is tempted to do as asked.... Read more
  • August 3, 2023

    Legitimately Worried That You’re Being Targeted Online? Try Lockdown Mode

    Most people fall into one of two extremes when it comes to device security. Many believe they’re not interesting enough to be targeted by online attackers and thus don’t take sensible precautions, like making sure every website account is protected with a strong, unique password. (Most attacks these days are bots, so whether you’re interesting is irrelevant.) Then there are those who see a boge... Read more
  • July 4, 2023

    Learn to Identify and Eliminate Phishing Notifications

    Email may be the most common form of phishing, but it’s not the only one. Modern Web browsers support a technology that enables websites to display system-level notifications just like regular apps. These push notifications have good uses, such as letting frequently updated websites inform users of new headlines, changed discussion threads, and more. Unfortunately, push notifications can be ... Read more
  • June 29, 2023

    Pay Attention to Unsolicited Facebook Password Reset Messages

    We’ve seen an uptick in attacks on Facebook accounts that generate email messages like the one below. It’s saying someone is attempting to reset your Facebook password in order to access your account. If you didn’t ask to reset your Facebook password within the past 5 minutes, do not enter the provided code! In fact, do nothing with a message like this, since you can’t easily tell if it’s a leg... Read more