-
Faster Copying of Two-Factor Authentication Codes from Messages
One welcome feature of Safari is its automatic detection and auto-filling of SMS-based two-factor authentication codes you receive in Messages. It allows you to complete your login quickly, without having to retrieve the code from Messages. But what if you use a different Web browser, like Google Chrome, Firefox, Brave, or Arc? Apple doesn’t allow other developers access to those codes in Messa... Read more -
Stay Alert! Voice Phishing Used in Recent Ransomware Attacks
All it took for MGM Resorts International to be compromised with ransomware was a quick phone call, which some now call “voice phishing” or “vishing.” An attacker using LinkedIn information to pose as an employee asked MGM’s help desk for a password change, after which they were able to install ransomware. MGM is now up to Read more -
Forget Your Just-Changed Passcode? iOS 17’s Passcode Reset Has Your Back
The hardest time to remember your iPhone or iPad passcode is right after you’ve changed it. Generally speaking, there’s no reason to change your passcode, but if you inadvertently or intentionally shared it with someone with whom you wouldn’t trust your bank account information, changing it to something new is a good idea. We could also imagine a child who knows your passcode changing it on you... Read more -
Want to Password-Protect a PDF? Follow These Best Practices
We periodically field questions about password-protecting a PDF to prevent the wrong people from reading it. Lawyers want to ensure that drafts of legal documents don’t fall into the wrong hands, financial advisers want to keep confidential financial information private, and authors want to prevent their writing from being shared broadly on the Internet. Others don’t worry so much about a docum... Read more -
What Should You Do about an Authentication Code You DIDN’T Request?
We strongly encourage using two-factor authentication (2FA) or two-step verification (2SV) with online accounts whenever possible. The details vary slightly, but with either one, after you enter your password, you must enter an authentication code to complete the login. Although it’s always best to get such codes from an authentication app like Read more -
Beware Executive Imposter Scams Aimed at New Employees
We’re hearing about new hires who receive an email or text from someone claiming to be the CEO of their new company, asking the employee to carry out some small task like sharing personal information, purchasing a gift card for a client, or wiring funds to another business. The new employee, eager to make a good impression and lacking the context of what’s reasonable, is tempted to do as asked.... Read more -
Legitimately Worried That You’re Being Targeted Online? Try Lockdown Mode
Most people fall into one of two extremes when it comes to device security. Many believe they’re not interesting enough to be targeted by online attackers and thus don’t take sensible precautions, like making sure every website account is protected with a strong, unique password. (Most attacks these days are bots, so whether you’re interesting is irrelevant.) Then there are those who see a boge... Read more -
Learn to Identify and Eliminate Phishing Notifications
Email may be the most common form of phishing, but it’s not the only one. Modern Web browsers support a technology that enables websites to display system-level notifications just like regular apps. These push notifications have good uses, such as letting frequently updated websites inform users of new headlines, changed discussion threads, and more. Unfortunately, push notifications can be ... Read more -
Pay Attention to Unsolicited Facebook Password Reset Messages
We’ve seen an uptick in attacks on Facebook accounts that generate email messages like the one below. It’s saying someone is attempting to reset your Facebook password in order to access your account. If you didn’t ask to reset your Facebook password within the past 5 minutes, do not enter the provided code! In fact, do nothing with a message like this, since you can’t easily tell if it’s a leg... Read more -
Apple Starts Releasing Rapid Security Responses for the iPhone, iPad, and Mac
By now, you’ve probably seen a new form of update for iOS, iPadOS, and macOS: the Rapid Security Response. Early in May, Apple released the first instances of these updates, which the company had promised for iOS 16, iPadOS 16, and macOS 13 Ventura when those operating systems were first announced. Let’s answe... Read more