Technology
New cyberattack targets iPhone, Apple IDs. Here's how to stay safe
Attention iPhone owners: A serious cyberthreat is targeting Apple IDs, and it’s more crucial than ever to be on your guard. Security experts from Symantec have uncovered a sophisticated SMS phishing campaign designed to trick you into giving up your valuable Apple ID credentials.
GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE
The mechanics of the attack
Here’s how the scam works: hackers send out text messages that look like they’re from Apple. These messages urgently request that you click on a link for an important iCloud update or verification. Symantec’s research shows these links lead to cleverly designed fake websites that ask for your Apple ID and password. To make the site seem legitimate, the attackers have even included a CAPTCHA.
Once you complete the CAPTCHA, you’re taken to what looks like an outdated iCloud login page, where you’re prompted to enter your credentials. This information is gold for cybercriminals because it grants them access to your personal and financial data and control over your devices.
Below is an email version of this same scam to avoid. Note the strange email return address originating from a non-Apple account, riddled with dashes and strange characters.
The email scam can claim that a user’s iCloud storage is full. (Kurt “CyberGuy” Knutsson)
Apple’s response and protective measures
Apple is aware of these tactics and has guidelines to help you stay protected. First and foremost, enable two-factor authentication on your Apple ID. This adds an extra layer of security by requiring a password and a six-digit verification code whenever you log in from a new device.
Remember, Apple will never ask you to disable security features like two-factor authentication or Stolen Device Protection. Scammers might claim this is necessary to resolve an issue, but it’s a trap designed to lower your defenses.
An iPhone scam uses text messages. (Kurt “CyberGuy” Knutsson)
Spotting phishing attempts
Phishing scams can be sneaky, but there are ways to identify them. Look closely at the URLs in any suspicious messages. Although the message might appear legitimate, the web address usually won’t match Apple’s official site. Also, be wary of any text that deviates from Apple’s typical communication style.
Symantec highlighted a specific phishing message as part of their warning on July 2. The fraudulent SMS read: “Apple important request iCloud: Visit signin[.]authen-connexion[.]info/iCloud to continue using your services.” Odd characters and unfamiliar domains are clear indicators of a scam.
iPhone users should enable two-factor authentication on their Apple ID. (Kurt “CyberGuy” Knutsson)
Broader scam tactics and how to avoid them
These phishing attempts aren’t just targeting Apple users. People have reported receiving messages similar to those from companies like Netflix and Amazon, claiming account issues or expired credit cards. These messages also direct you to click a link and enter your personal information.
The Federal Trade Commission advises that legitimate companies will never request sensitive information via text. If you receive a message like this, contact the company directly using a verified number or website, not the information provided in the text.
7 SIGNS YOU’VE BEEN HACKED
How to protect yourself from Apple text and email scams
1) Always use strong antivirus protection on all your devices
This is perhaps one of the best investments you can make for yourself to protect yourself from phishing scams. Having antivirus software actively running on your devices will make sure you are stopped from clicking on any malicious links or from downloading any files that will release malware into your device and potentially have your private information stolen. Read my review of my best antivirus picks here.
2) Don’t take the bait
Scammers often use alarming language to provoke immediate action. Phrases like “act now” or “important” are red flags. Stay calm and skeptical of any unsolicited messages.
3) Enable two-factor authentication on your Apple devices
Implementing multifactor authentication on your Apple ID can greatly enhance your security. Always verify the source of messages that claim to be from Apple. If you’re unsure, manually log into your account through the official Apple website or your iPhone settings instead of clicking any links.
4) Keep software up to date
Regularly update your operating system, web browsers and antivirus software to ensure they are equipped to detect and prevent the latest threats. You can regularly check for these updates on your device’s settings app for software updates, and you can go to your App Store or Google Play Store (depending on the device you have) to check for updates on individual apps. Follow these steps here.
2 BULLETPROOF STEPS TO HACK-PROOF YOUR MAC
What should you do if you’ve clicked a link and installed malware on your device?
If you’ve been hacked, it’s not too late. There are several ways you can protect yourself from hackers, even when they have access to your information.
1) Scan your device for malware
First, you’ll want to scan your computer with a reputable and legitimate antivirus program. See my expert review of the best antivirus protection for your Windows, Mac, Android and iOS devices.
2) Change your passwords immediately
If you’ve inadvertently given your information to hackers or malicious actors, they could have access to your social media or banking accounts. To prevent this, you should change your passwords for all your important accounts as soon as possible. However, you should not do this on your infected device, because the hacker might see your new passwords. Instead, you should use ANOTHER DEVICE, such as your laptop or desktop, to change your passwords. Make sure you use strong and unique passwords that are difficult to guess or break. You can also use a password manager to generate and store your passwords securely.
3) Monitor your accounts and transactions
You should check your online accounts and transactions regularly for suspicious or unauthorized activity. If you notice anything unusual, report it to the service provider or the authorities as soon as possible. You should also review your credit reports and scores to see signs of identity theft or fraud.
4) Use identity theft protection
Phishing emails target your personal information. Hackers can use this information to create fake accounts in your name, access your existing accounts and pretend to be you online. This can cause serious damage to your identity and credit score.
To avoid this, you should use identity theft protection services. These services can track your personal information, such as your home title, Social Security Number, phone number and email address, and notify you if they detect any suspicious activity. They can also help you freeze your bank and credit card accounts to stop hackers from using them.
One of the best parts of using some services is that they might include identity theft insurance of up to $1 million to cover losses and legal fees and a white-glove fraud resolution team where a U.S.-based case manager helps you recover any losses. Read more of my review of the best identity theft protection services here.
5) Contact your bank and credit card companies
If hackers have obtained your bank or credit card information, they could use it to make purchases or withdrawals without your consent. You should contact your bank and credit card companies and inform them of the situation. They can help you freeze or cancel your cards, dispute any fraudulent charges and issue new cards for you.
6) Alert your contacts
If hackers have accessed your email or social media accounts, they could use them to send spam or phishing messages to your contacts. They could also impersonate you and ask for money or personal information. You should alert your contacts and warn them not to open or respond to any messages from you that seem suspicious or unusual.
7) Restore your device to factory settings
If you want to make sure that your device is completely free of any malware or spyware, you can restore it to factory settings. This will erase all your data and settings and reinstall the original version. You should back up your important data before doing this and only restore it from a trusted source.
HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET
Kurt’s takeaways
As cyberattacks become increasingly sophisticated, staying informed and cautious is crucial. Protect your Apple ID and personal information by following Apple’s security guidelines and being wary of unsolicited messages. By taking these precautions, you can safeguard your devices and data from malicious actors.
Have you ever been a victim of a cyberscam? If so, what happened and how did you recover? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or let us know what stories you’d like us to cover.
Follow Kurt on his social channels:
Answers to the most asked CyberGuy questions:
Copyright 2024 CyberGuy.com. All rights reserved.
Billy Woods has one of the highest batting averages in the game. Between his solo records like Hiding Places and Maps, and his collaborative albums with Elucid as Armand Hammer, the man has multiple stone-cold classics under his belt. And, while no one would ever claim that Woods’ albums were light-hearted fare (these are not party records), Golliwog represents his darkest to date.
This is not your typical horrorcore record. Others, like Geto Boys, Gravediggaz, and Insane Clown Posse, reach for slasher aesthetics and shock tactics. But what Billy Woods has crafted is more A24 than Blumhouse.
Sure, the first track is called “Jumpscare,” and it opens with the sound of a film reel spinning up, followed by a creepy music box and the line: “Ragdoll playing dead. Rabid dog in the yard, car won’t start, it’s bees in your head.” It’s setting you up for the typical horror flick gimmickry. But by the end, it’s psychological torture. A cacophony of voices forms a bed for unidentifiable screeching noises, and Woods drops what feels like a mission statement:
“The English language is violence, I hotwired it. I got a hold of the master’s tools and got dialed in.”
Throughout the record, Woods turns to his producers to craft not cheap scares, but tension, to make the listener feel uneasy. “Waterproof Mascara” turns a woman’s sobs into a rhythmic motif. On “Pitchforks & Halos” Kenny Segal conjures the aural equivalent of a POV shot of a serial killer. And “All These Worlds are Yours” produced by DJ Haram has more in common with the early industrial of Throbbing Gristle than it does even some of the other tracks on the record, like “Golgotha” which pairs boombap drums with New Orleans funeral horns.
That dense, at times scattered production is paired with lines that juxtapose the real-world horrors of oppression and colonialism, with scenes that feel taken straight from Bring Her Back: “Trapped a housefly in an upside-down pint glass and waited for it to die.” And later, Woods seamlessly transitions from boasting to warning people about turning their backs on the genocide in Gaza on “Corinthians”:
If you never came back from the dead you can’t tell me shit
Twelve billion USD hovering over the Gaza Strip
You don’t wanna know what it cost to live
What it cost to hide behind eyelids
When your back turnt, secret cannibals lick they lips
The record features some of Woods’ deftest lyricism, balancing confrontation with philosophy, horror with emotion. Billy Woods’ Golliwog is available on Bandcamp and on most major streaming services, including Apple Music, Qobuz, Deezer, YouTube Music, and Spotify.
NEWYou can now listen to Fox News articles!
Grok, the built-in chatbot on X, is facing intense scrutiny after acknowledging it generated and shared an AI image depicting two young girls in sexualized attire.
In a public post on X, Grok admitted the content “violated ethical standards” and “potentially U.S. laws on child sexual abuse material (CSAM).” The chatbot added, “It was a failure in safeguards, and I’m sorry for any harm caused. xAI is reviewing to prevent future issues.”
That admission alone is alarming. What followed revealed a far broader pattern.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.
OPENAI TIGHTENS AI RULES FOR TEENS BUT CONCERNS REMAIN
The fallout from this incident has triggered global scrutiny, with governments and safety groups questioning whether AI platforms are doing enough to protect children. (Silas Stein/picture alliance via Getty Images)
Grok quietly restricts image tools to paying users after backlash
As criticism mounted, Grok confirmed it has begun limiting image generation and editing features to paying subscribers only. In a late-night reply on X, the chatbot stated that image tools are now locked behind a premium subscription, directing users to sign up to regain access.
The apology that raised more questions
Grok’s apology appeared only after a user prompted the chatbot to write a heartfelt explanation for people lacking context. In other words, the system did not proactively address the issue. It responded because someone asked it to.
Around the same time, researchers and journalists uncovered widespread misuse of Grok’s image tools. According to monitoring firm Copyleaks, users were generating nonconsensual, sexually manipulated images of real women, including minors and well-known figures.
After reviewing Grok’s publicly accessible photo feed, Copyleaks identified a conservative rate of roughly one nonconsensual sexualized image per minute, based on images involving real people with no clear indication of consent. The firm says the misuse escalated quickly, shifting from consensual self-promotion to large-scale harassment enabled by AI.
Copyleaks CEO and co-founder Alon Yamin said, “When AI systems allow the manipulation of real people’s images without clear consent, the impact can be immediate and deeply personal.”
PROTECTING KIDS FROM AI CHATBOTS: WHAT THE GUARD ACT MEANS
Grok admitted it generated and shared an AI image that violated ethical standards and may have broken U.S. child protection laws. (Kurt “CyberGuy” Knutsson)
Sexualized images of minors are illegal
This is not a gray area. Generating or distributing sexualized images of minors is a serious criminal offense in the United States and many other countries. Under U.S. federal law, such content is classified as child sexual abuse material. Penalties can include five to 20 years in prison, fines up to $250,000 and mandatory sex offender registration. Similar laws apply in the U.K. and France.
In 2024, a Pennsylvania man received nearly eight years in prison for creating and possessing deepfake CSAM involving child celebrities. That case set a clear precedent. Grok itself acknowledged this legal reality in its post, stating that AI images depicting minors in sexualized contexts are illegal.
The scale of the problem is growing fast
A July report from the Internet Watch Foundation, a nonprofit that tracks and removes child sexual abuse material online, shows how quickly this threat is accelerating. Reports of AI-generated child sexual abuse imagery jumped by 400% in the first half of 2025 alone. Experts warn that AI tools lower the barrier to potential abuse. What once required technical skill or access to hidden forums can now happen through a simple prompt on a mainstream platform.
Real people are being targeted
The harm is not abstract. Reuters documented cases where users asked Grok to digitally undress real women whose photos were posted on X. In multiple documented cases, Grok fully complied. Even more disturbing, users targeted images of a 14-year-old actress Nell Fisher from the Netflix series “Stranger Things.” Grok later admitted there were isolated cases in which users received images depicting minors in minimal clothing. In another Reuters investigation, a Brazilian musician described watching AI-generated bikini images of herself spread across X after users prompted Grok to alter a harmless photo. Her experience mirrors what many women and girls are now facing.
Governments respond worldwide
The backlash has gone global. In France, multiple ministers referred X to an investigative agency over possible violations of the EU’s Digital Services Act, which requires platforms to prevent and mitigate the spread of illegal content. Violations can trigger heavy fines. In India, the country’s IT ministry gave xAI 72 hours to submit a report detailing how it plans to stop the spread of obscene and sexually explicit material generated by Grok. Grok has also warned publicly that xAI could face potential probes from the Department of Justice or lawsuits tied to these failures.
LEAKED META DOCUMENTS SHOW HOW AI CHATBOTS HANDLE CHILD EXPLOITATION
Researchers later found Grok was widely used to create nonconsensual, sexually altered images of real women, including minors. (Nikolas Kokovlis/NurPhoto via Getty Images)
Concerns grow over Grok’s safety and government use
The incident raises serious concerns about online privacy, platform security and the safeguards designed to protect minors.
Elon Musk, the owner of X and founder of xAI, had not offered a public response at the time of publication. That silence comes at a sensitive time. Grok has been authorized for official government use under an 18-month federal contract. This approval was granted despite objections from more than 30 consumer advocacy groups that warned the system lacked proper safety testing.
Over the past year, Grok has been accused by critics of spreading misinformation about major news events, promoting antisemitic rhetoric and sharing misleading health information. It also competed directly with tools like ChatGPT and Gemini while operating with fewer visible safety restrictions. Each controversy raises the same question. Can a powerful AI tool be deployed responsibly without strong oversight and enforcement?
What parents and users should know
If you encounter sexualized images of minors or other abusive material online, report it immediately. In the United States, you can contact the FBI tip line or seek help from the National Center for Missing & Exploited Children.
Do not download, share, screenshot or interact with the content in any way. Even viewing or forwarding illegal material can expose you to serious legal risk.
Parents should also talk with children and teens about AI image tools and social media prompts. Many of these images are created through casual requests that do not feel dangerous at first. Teaching kids to report content, close the app and tell a trusted adult can stop harm from spreading further.
Platforms may fail. Safeguards may lag. But early reporting and clear conversations at home remain one of the most effective ways to protect children online.
Take my quiz: How safe is your online security?
Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here: Cyberguy.com
Kurt’s key takeaways
The Grok scandal highlights a dangerous reality. As AI spreads faster, these systems amplify harm at an unprecedented scale. When safeguards fail, real people suffer, and children face serious risk. At the same time, trust cannot depend on apologies issued after harm occurs. Instead, companies must earn trust through strong safety design, constant monitoring and real accountability when problems emerge.
Should any AI system be approved for government or mass public use before it proves it can reliably protect children and prevent abuse? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.
Copyright 2025 CyberGuy.com. All rights reserved.
In one case that experts described as “really dangerous”, Google wrongly advised people with pancreatic cancer to avoid high-fat foods. Experts said this was the exact opposite of what should be recommended, and may increase the risk of patients dying from the disease.
In another “alarming” example, the company provided bogus information about crucial liver function tests, which could leave people with serious liver disease wrongly thinking they are healthy.
Trump endorses Cuellar opponent after pardoning Dem rep
Florida boater accused of killing teen in crash avoids jail time with plea deal
Blue state governor demands private airlines stop providing ICE flights after deadly Minneapolis shooting
Detroit man arrested following manhunt for double murder in Tennessee
George Kittle used bottle of tequila to deal with devastating Achilles injury
Florida High School Football Rankings: Top 25 teams – Oct. 21
Cleary's 21 help Le Moyne down Central Connecticut State 69-64 in OT
How old is Bo Nix? What to know about Oregon quarterback ahead of 2024 NFL Draft
99th annual Pony Swim held in Virginia
Video: ‘It Didn’t Have to Happen This Way:’ U.Va. Faculty Call for Review of Police Response to Protests
San Antonio ends its abortion travel fund after new state law, legal action
UN top court set to open Myanmar Rohingya genocide case
Arson engulfs Mississippi synagogue, a congregation once bombed by Ku Klux Klan
Federal judge blocks Trump administration from enforcing mail-in voting rules in executive order
Four killed, 20 injured in overnight Russian strikes across Ukraine
-
Detroit, MI1 week ago2 hospitalized after shooting on Lodge Freeway in Detroit
-
Technology6 days agoPower bank feature creep is out of control
-
Dallas, TX4 days agoAnti-ICE protest outside Dallas City Hall follows deadly shooting in Minneapolis
-
Delaware3 days agoMERR responds to dead humpback whale washed up near Bethany Beach
-
Dallas, TX1 week agoDefensive coordinator candidates who could improve Cowboys’ brutal secondary in 2026
-
Iowa6 days agoPat McAfee praises Audi Crooks, plays hype song for Iowa State star
-
Montana2 days agoService door of Crans-Montana bar where 40 died in fire was locked from inside, owner says
-
Health1 week agoViral New Year reset routine is helping people adopt healthier habits