Connect with us

Technology

One streaming app to (almost) rule them all

Published

11 months ago

on

One streaming app to (almost) rule them all

Hi, friends! Welcome to Installer No. 78, your guide to the best and Verge-iest stuff in the world. (If you’re new here, welcome, sorry everything’s about to get so expensive, and also you can read all the old editions at the Installer homepage.)

This week, I’ve been reading about baseball bats and work-life balance and BYD and Scarlett Johansson, watching Paradise, rekindling my love of pear-flavored jelly beans, sharing Robin Sloan’s AI take with anyone who will listen, grooving to the greatest unexpected Doechii remix of all time, and finally finding the monitor mount that makes my webcam upgrade work.

I also have for you a couple of great new apps for streaming and gaming, a look back into Microsoft’s history, the latest on the Switch 2, a screed against screen time, and much more.

Oh, and a programming note: Installer is off next week. Taking a little break before we ramp up for Developer Conference season. But we have lots to do today! Let’s get into it.

(As always, the best part of Installer is your ideas and tips. What are you into right now? What should everyone else be reading / listening to / watching / downloading / sipping on this week? Tell me everything: installer@theverge.com. And if you know someone else who might enjoy Installer, tell them to subscribe here.)

Advertisement
  • Plex. Plex has spent a lot of time and energy trying to become a proper, legit streaming platform, and the new mobile app is by far the most mainstream-useful thing it has ever made. Mixing streaming media with my library, and lots of discovery tools, feels really nice. Fair warning, though: you’ll need a $4.99 monthly sub to get a lot of Plex’s best features.
  • Delta 1.7. The iPhone’s best game emulator, now with online multiplayer! (At least for DS games.) It also has nice screenshot support and some new N64-specific updates, which gives me great hope for the Mario Golf ROM I’ve already put too many hours into.
  • Skylight. It looks exactly like TikTok, but it runs on the same AT Protocol that powers Bluesky. That is a very enticing combination — and it’s a really nice app for something so brand new. Bluesky is really starting to look like the fediverse.
  • Celebrate 50 years of Microsoft with the company’s original source code. This week was the 50th anniversary of Microsoft, and Bill Gates marked the occasion by releasing all its original Altair BASIC source code — via one of the cooler retro-style websites you’ll ever use.
  • The Nintendo Switch 2. I know, we’ve talked about this before, and I know, it’s not launching until June. But the new Switch — a console I am outrageously, maybe unprecedentedly, excited about, especially now that we’ve learned more about its specs and its game lineup — is officially launching in June, and I just needed you to know so you don’t miss it. I will be there. You can’t preorder it yet, because of chaos, but I’ll keep you posted.
  • I hate my phone so I got rid of it.” Been a while since a 46-minute YouTube rant had me nodding this hard — but Eddy Burback does a great job of explaining both why our phones are a problem, and why life without a phone feels increasingly impossible. Using a landline? Can you imagine?
  • A Minecraft Movie. The reviews are meh, because of course they are. But I’ll watch Jack Black in anything, and I’m genuinely curious to see both what the blocky movie world looks like and how this very clearly Lego Movie-inspired flick pulls off the whole “just keep building” bit.
  • DEVONthink 4.0. DEVONthink is, like, the ultimate Mac app for just storing all your junk. The design’s a little ’90s for my taste, but the new beta has some nice updates and a huge set of AI tools for finding, summarizing, and organizing content. I’m tempted to throw my whole life back in the app.
  • Koira. Another delightful entrant (for Steam and PS5) in one of my favorite game genres — the quiet, simple puzzler that never tries to do too much but somehow seems to keep your attention forever. Plus, you get a puppy friend!

We’ve talked about the app Sofa a few times here in Installer. It’s a really good-looking, powerful app for Apple devices that lets you manage all the stuff you want to watch, read, listen to, and everything else. I’ve come to appreciate having it as the app I go to when I deliberately want to relax. Rather than just aimlessly scroll on Reddit or whatever, Sofa is just a giant list of stuff I actually want to consume.

Sofa’s big new feature this week is a podcast player, which is full-featured enough that you can use Sofa as your one and only podcast app. Like everything else in Sofa, it’s really nicely made and is already as good at queue management as any app I’ve tried.

On the occasion of the new update, I asked Shawn Hickman, Sofa’s developer, to share his homescreen with us. I figured he might have some widget ideas, you know? Here it is, plus some info on the apps he uses and why:

The phone: iPhone 16 Pro Max. I love the big phones and have embraced the PopSocket life.

The wallpaper: My homescreen rotates images from my photo library (one of my favorite iOS features), and I use the blurred version of it as my “wallpaper.”

The apps: Camera, Phone, Apple Maps, Clock, Wallet, Settings, Photos, Reminders, App Store, Music, Safari, 1Password, YouTube, Bear, YouTube Studio, Lightroom, Things, Blackmagic Camera, Reeder, Discord, RevenueCat, ChatGPT, Apple Sports, Mail, Messages, Sofa, Apple Notes.

Advertisement

I keep very few apps on my homescreen and tend to rely on search more. Also, I’m not a big widgets person. I have a few on my first page (Photos, Weather, and Calendar), but I prefer scanning app icons rather than widgets 🤷‍♂️.

Things, Bear, and Reeder are a few of my favorite apps of all time. I’ve used Reeder (now Reeder Classic) for a long time and have always been impressed with the app’s craftsmanship. The new Reeder is even better. I actually like the “news feed” approach more than the traditional RSS feed / inbox approach. I find it to be a low-stress way to keep up with different news sources.

Bear is where I write and store a lot of my “work” notes. I love writing in markdown, the flexibility of the app’s tagging system, and its visual design. Things is my favorite app ever. I’ve been using it for so long and couldn’t imagine managing my work without it. Simply the best.

I have a YouTube channel. I’ve been experimenting with shooting Apple Log, and the Blackmagic Camera app is by far the most flexible. You need to do a bit of learning, but it’s pretty sweet once you’ve gotten a handle on it. I love photography, and really love editing photos, so I tend to spend a lot of time in Lightroom. I find it relaxing, and tend to edit photos when I’m stuck on a problem. It weirdly helps me think.

RevenueCat is a great service that makes implementing and managing Sofa’s app subscriptions much easier.

Advertisement

I also asked Shawn to share a few things he’s into right now. Here’s what he sent:

  • Severance. It’s probably my favorite TV show since the first season of Stranger Things… and I really want to buy one of the keyboards the MDR team uses! Now we must all endure the long wait for season 3.
  • I’ve been on a history kick, and there are a few documentaries I’ve really liked: Benjamin Franklin, The Roosevelts: An Intimate History, and I’m currently watching The War.
  • Framelines: I’m a photography enthusiast, and one of my favorite YouTube channels, and now magazines, is Framelines. They focus a lot on street photography but expand beyond that quite a bit. Their channel is great, and I love getting their physical magazines, too.

Here’s what the Installer community is into this week. I want to know what you’re into right now as well! Email installer@theverge.com or message me on Signal — @davidpierce.11 — with your recommendations for anything and everything, and we’ll feature some of our favorites here every week. For even more great recommendations, check out the replies to this post on Threads and this post on Bluesky.

“I played Dungeon Pages for the first time on my iPad last night and REALLY enjoyed it! Would be even more enjoyable on paper to get away from doomscrolling for a while.” – Dylan

“I initially had my heart set on the Fujifilm X100VI, but a friend suggested the X-T50. It’s been a great learning experience, and I’m pleased with the photos I’ve taken. I’m still discovering all the nuances of the Fujifilm ecosystem.” – Paul

“If you’re liking your SodaStream, you should check out Simpli Soda — they’re a family business out of SE Wisconsin that does mail-in cylinder swaps for all brands (including quick-connects like your SodaStream Art uses) for less $$.” – Cori

“Late to the party, but Baldur’s Gate 3. I was blown away by how quickly I got immersed, and I’m only on my first playthrough. I didn’t realize that it ran natively on macOS until last month.” – Drake

Advertisement

“Wanted to recommend a great app I have been happily using (+ paying for) for five years that no one else seems to talk about: Mealime. It’s the perfect app if, like me, you struggle not only at planning recipes for the week but also the act of shopping itself. Normally, when I make a grocery list, I crisscross the grocery store looking for what I need. Mealime gives you tons of recipes, lets you filter by dietary preferences, make a meal plan, and then it makes a grocery list grouped by section of the grocery store. It’s a total game-changer for me.” – Drew

“I absolutely love Li Hing pineapple rings. I’m told they’re common in Hawaii, but on the East Coast, they’re new to me. Sour and delicious. I order mine from Wholesale Unlimited Hawaii, and they’re fun and delicious and unique. The store has tons of snacks I’ve never seen around where I live, and everything I’ve bought is really good.” – Steve

“I finished watching Reacher season 3 on Prime Video. I liked the season as an action flick, but it doesn’t feel like a Reacher-level story. The investigation element was missing from this season. Season 1 was the strongest offering in this series.” – Ankur

“I just found out about the Johnny.Decimal system last night. Diving in to reorganizing my work files as I descend further down the PKM rabbit hole.” – Dirk

Otherwise Objectionable is an excellent history of Section 230. Hosted by Mike Masnick and featuring recollections from the folks who were there at the inception of the ‘26 words that created the Internet.’ Section 230 is under threat (yet again), so it’s a good time to learn why it’s so important we don’t screw it up with badly written and misguided legislation.” – Zip

Advertisement

If you were extremely online during a very specific time period, the names Jake Hurwitz and Amir Blumenfeld might mean a lot to you. They were two of my first favorite online comedians, part of a brilliant CollegeHumor gang that was way ahead of its time making funny stuff on the internet.

If you’ve never watched a Jake and Amir, head to their YouTube channel, sort by oldest, and give it a whirl. But if you can quote as many of their bits as I can, you really should check out the “Greatest Jake and Amir Episode Ever” tournament the two guys are doing on the channel, rewatching and commenting on some of their best work. (If you’re on their Patreon, you can already see who won the tournament, but as I write this, the YouTube channel is only up to the Final Four.) I was shocked at how many of these videos I can still recite, pretty much word for word, all these years later. No keeding.

Related Topics:
Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Technology

Meet the Pentagon’s AI bro squad

Published

4 hours ago

on

February 24, 2026

By

Meet the Pentagon’s AI bro squad

Hello and welcome to Regulator, a newsletter for Verge subscribers covering the broligarchs, the influencers, and the (potentially conscious) artificial intelligence models scrambling for power in Washington. If you’re not a subscriber yet, assert your humanity against the will of the machines by signing up here.

Very important news: Do you want to tell me stuff and see it printed in Regulator? Well, now you can, because we have a new tip line! Send all commentary, cool information, and ~secrets~ to tina.nguyen+tips@theverge.com.

The Pentagon’s private-sector A-Team

This morning, in advance of a meeting between Defense Secretary Pete Hegseth and Anthropic CEO Dario Amodei, my colleague Hayden Field and I published a story about the Pentagon’s hardball contract renegotiations with Anthropic. The stakes are higher than it should reasonably be, with the Pentagon continuing to designate Anthropic a “supply-chain risk” if the company doesn’t comply with their demands about their acceptable use policy.

In a post-meeting readout, Axios reported that Hegseth brought several other senior Defense officials to the meeting in an attempt to show that the Pentagon was taking the dispute “seriously.” But in a post-DOGE Trump administration run by broligarchs, it’s always worthwhile to check the attendees’ bios. Some of them were normal senior officials who’d spent their careers in government and military work, but the others have somewhat unusual backgrounds:

Advertisement
  • Pentagon CTO Emil Michael, who we reported has been spearheading negotiations with Anthropic. Michael may be familiar to longtime Verge readers and followers of Silicon Valley corporate drama as the former second-in-command at Uber when Travis Kalanick was CEO. Michael was pushed out in 2017 after an investigation found that he, and several other top executives that called themselves the “A-Team,” perpetuated a culture of sexual harassment at the company.
    • For anyone curious about his history on surveillance: During a 2014 dinner with several journalists, Michael suggested that Uber hire opposition researchers to gather personal “dirt” on reporters publishing unfavorable news, suggesting that he’d wanted to target one female reporter who had recently criticized the company for its culture of misogyny. This was also around the time that Uber drew controversy for an internal tool known as “God Mode,” which employees used to track the movements of its users, including one BuzzFeed journalist who was writing about an Uber executive.
  • Deputy Secretary Steve Feinberg, the founder of the private equity firm Cerberus Capital Management, which manages roughly $65 billion in assets and specializes in “distressed properties.” Feinberg, who’s widely blamed for the death of the auto manufacturer Chrysler, was also an early supporter of Donald Trump, donating to his 2016 presidential campaign and serving on the president’s intelligence advisory board in 2018. During his 2025 Senate confirmation hearing, Feinberg touted Cerberus’ investments in several companies involved in national security, saying he had “significant experience with the Pentagon as a contractor and understand[s] how it functions and is organized.”
    • At the time, Democrats raised concerns that Feinberg would have conflicts of interest due to Cerberus’ numerous investments in defense companies such as DynCorp. (That year, DynCorp settled a lawsuit with the Department of Justice over allegations that it had “knowingly inflated subcontractor charges under a State Department contract to train Iraqi police forces.”)
    • In 2023, while Feinberg was still at Cerberus, the firm launched Cerberus Ventures, a venture capital arm that invests in early-stage companies that address national security issues in critical infrastructure.
  • Hegseth’s chief spokesperson, Sean Parnell, an Army veteran who, in 2021, attempted to run for an open Senate seat in Pennsylvania. While he won Trump’s endorsement in the heated Republican primary, he was forced to drop out in November after his ex-wife made several allegations of serious physical and psychological abuse during a custody hearing. She was afforded full legal custody. (Dr. Mehmet Oz, now serving in the Trump administration, subsequently won the nomination.)

Feinberg and Michael’s presence should draw eyeballs. Yes, they both have some amount of defense industry experience: Michael was a White House fellow during the Obama administration, and spent two years as a special assistant to Defense Secretary Robert Gates at the Pentagon, which isn’t nothing. Feinberg has clearly spent time with defense contracts. But one must fully appreciate the rapacious business mindset that private sector types love to bring into the government — especially with high-stakes negotiations such as this. Parnell’s presence, meanwhile, makes sense within the context of “being the spokesman for Pete Hegseth.”

The single-supplier shuffle

One topic Hayden and I didn’t get to explore more was the “single-supplier vulnerability” issue, but it’s turning into a crucial factor in negotiations.

In 2024, the Biden administration released a national security memorandum on the use of artificial intelligence, which laid out several directives regarding the protection of the supply chain. Among them was a directive for the Department of Defense to maintain contracts with at least two frontier AI labs that were cleared to handle classified information, in order to prevent a scenario where one compromised vendor could take down an entire IT system. But as early as the summer of 2025, I’m told, the Trump administration was trying to address that vulnerability. While they had signed separate contracts with Anthropic, Google, xAI, and OpenAI, only Anthropic’s model was cleared for classified use when Hegseth published his memo outlining his new AI policy in January.

This has placed the Pentagon in a tight situation: Even if they successfully cut out Anthropic and go through the arduous process of making every defense contractor remove Claude from their workflows, they would risk being out of compliance with the Department’s own guidelines, to say nothing of common sense. (Avoiding single-supplier vulnerability is a very basic practice in the tech industry.)

It certainly provides more context to the Pentagon’s decision last night to suddenly grant xAI’s Grok access to classified systems, even though Grok is widely considered the least capable of the available models. While The New York Times reported that Google is also close to signing a deal allowing the Pentagon to use Gemini for classified work, defense insiders view Gemini as a quality rival to Claude, while xAi’s Grok “is not considered as advanced or as reliable as Anthropic’s.” OpenAI is not close to a deal, as the company reportedly believes that it must improve ChatGPT’s safety features before deploying it on classified networks.

Advertisement

So let’s do the math. You have four AI models, and you’re required to work with two of them. Your choices are:

1) A company with a pretty good AI model and increasingly flexible morals

2) A company with the best AI model, but which refuses to let you use it for autonomously killing people without human input

3) A company whose AI model isn’t secure enough to deploy yet

4) A company whose AI has racist hallucinations and generates child porn, and that you don’t consider “advanced [or] reliable”

Advertisement

If you can’t contract with companies 2 and 3, you’re stuck with companies 1 and 4, which even Defense officials admit is not optimal from a national security perspective. “The only reason we’re still talking to these people [Anthropic] is we need them and we need them now. The problem for these guys is they are that good,” a Defense official told Axios ahead of the meeting.

The latest Clarity Act negotiations between finance and crypto last week inadvertently turned into the latest episode of recurring segment I’m now calling: “Why is Laura Loomer tweeting about obscure deep-cut tech issues as if they are MAGA loyalty tests?”

Last Thursday, a small group of powerful crypto and finance players met at the White House to continue hashing out draft language over stablecoin yields. Coinbase, which sparked these negotiations after it withdrew support from Clarity over stablecoin yields, was in attendance. Prior to the meeting, however, Loomer tweeted a classic banger that demonstrated the tactics she uses to wield influence over Trump: Cast the target as someone who once supported Trump’s enemies and is therefore disloyal.

Screenshot via @LauraLoomer/X.

Ironically, Coinbase has turned into one of the biggest branded boosters of the Trump administration, donating money to his pet initiatives and even having their logo splashed all over last year’s military parade.

Advertisement

Though Loomer tweeted a similar sentiment about Coinbase last June, it seems to have had no impact on whether Coinbase has access to Trump, and likely won’t for a while: I’m told that CEO Brian Armstrong was at Mar-a-Lago the day before Loomer tweeted, attending a World Liberty Financial event.

A wild Trumpworld character has appeared!

If you followed the saga of Logan Paul auctioning off his Pokémon card collection, you may be aware that one of those cards sold for a record-setting $16.5 million last week. But who’s that Pokémon purchaser? It’s AJ Scaramucci, the son of the one and only Anthony Scaramucci, the New York financier and former Trump ally who famously served as Trump’s White House Communications Director in 2017 for 10 days.

AJ is the founder of Solari Capital, which invested $100 million in a Bitcoin mining platform run by Eric Trump. He also now owns the Pikachu Illustrator card, one of only 39 cards in existence and in Grade 10 condition, as well as the diamond chain and carrying case that Paul wore to display the card when he appeared at WrestleMania 38. Scaramucci told reporters that he purchased the card as part of his upcoming “planetary treasure hunt,” adding that he also hoped to purchase a T. rex skull and the Declaration of Independence. (He later posted on X that he hoped to place the card in the Nintendo Museum in Kyoto and cement it as “the ‘Mona Lisa’ of the Pokemon franchise.”)

Screenshot via @jedimooch/X.

Screenshot via @jedimooch/X.

We can’t believe that a court has to tell you this, much less the Southern District of New York: If you put correspondence between you and your lawyer into a publicly available AI platform, it is no longer protected by attorney-client privilege and becomes subject to discovery!!!!

Advertisement

In any case, have a pleasant State of the Union watch party (if anyone does that anymore) and see you next week.

Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.

Continue Reading

Technology

Apple app password scam email warning

Published

5 hours ago

on

February 24, 2026

By

Apple app password scam email warning

NEWYou can now listen to Fox News articles!

You open your inbox and see a subject line from Apple. It says an app-specific password was generated for your account. Then your stomach drops.

The email claims you authorized a $2,990.02 PayPal payment. It even includes a confirmation number. It urges you to call a support number right away. There is just one problem. You never did any of this.

If that sounds familiar, you are likely looking at a classic Apple impersonation scam.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Advertisement

Scammers are using Apple branding and urgent language to trick victims into calling a fake support number. (Kevin Carter/Getty Images)

What the fake Apple email says

The message claims:

  • An app-specific password was generated
  • A large PayPal payment was approved
  • You should call the listed phone number to report an unauthorized transaction

At first glance, it looks polished. It uses Apple branding. It mentions Apple Support. It includes a confirmation code. However, once you slow down and read it carefully, the red flags jump out.

Red flags in the Apple app-specific password scam email

Before you panic or pick up the phone, take a closer look at these warning signs that expose this Apple app-specific password scam email.

1) The ‘To’ address is not you

The “To” field shows an email address that is not the recipient’s actual address. That is a huge warning sign. Legitimate Apple security emails are sent directly to the Apple ID email on file. If the visible recipient address is different from yours, the message was likely mass-mailed or spoofed. Scammers blast these emails to thousands of addresses at once. They do not customize the recipient line properly. That mismatch alone is enough to treat the message as fraudulent.

Advertisement

2) The sudden $2,990 charge

Scammers love big numbers. A charge close to $3,000 is designed to trigger panic. When people feel fear, they act fast. That is exactly what the criminals want.

3) The ‘call this number now’ trick

The email pushes you to call a specific phone number. That number does not belong to Apple. Real Apple security emails tell you to visit your account directly. They do not pressure you to call a random support line.

If you call, the scammer may:

  • Ask for your Apple ID password
  • Request remote access to your computer
  • Tell you to move money to “secure” your account

That is how the real damage begins.

4) Bold links that push you to click

The email includes bold links such as Apple Account and Apple Support. They are designed to look official and trustworthy. However, scammers often hide malicious URLs behind legitimate-looking text. When you hover over the link, the actual destination may be a completely different website. That is why you should never click links inside a suspicious email. Instead, open a new browser window and type the official website address yourself.

5) Mixed messages about passwords and payments

The subject mentions an app-specific password. The body suddenly talks about a PayPal transaction. That mismatch is a major warning sign. Scammers often combine multiple fears into one message to increase urgency.

Advertisement

6) Generic greeting

The email opens with “Dear Customer.” Apple typically addresses you by your name. Generic greetings are common in bulk phishing emails.

SPYWARE CAN HIGHJACK YOUR PHONE IN SECONDS

A fake Apple email claiming a $2,990 PayPal charge is targeting inboxes in a new impersonation scam. (Qilai Shen/Bloomberg via Getty Images)

More subtle signs this is a scam

There are several additional details that help confirm this is not real.

The reply-to address may look legitimate at first glance

In this case, the Reply-To field shows appleid-usen@email.apple.com, which appears to be an official Apple domain. However, a familiar-looking domain does not automatically prove an email is legitimate. Scammers can spoof visible sender information. They can manipulate display names and certain header fields so a message appears to come from a trusted company. Most people never see the deeper technical authentication details, such as SPF, DKIM or DMARC validation. That means a legitimate-looking sender address can still appear in a fraudulent message. When evaluating a suspicious Apple app-specific password email, weigh all the red flags together, not just the reply-to address.

Advertisement

If the email also includes:

  • A mismatched “To” field
  • A large unexpected payment
  • An urgent phone number
  • Mixed messaging about passwords and PayPal

Those warning signs matter far more than a familiar-looking domain.

The payment language feels forced

The email says: “You authorized a USD 2,990.02 payment to apple.com using PayPal.” That wording feels stiff and unnatural. Apple receipts usually reference specific products, subscriptions or invoice details. They do not vaguely reference a large PayPal payment tied to a password notification. The mismatch between a password alert and a major payment should raise suspicion immediately.

The masked email formatting looks odd

The message shows a masked address with dots and an unusual domain, such as relay.quickinvoicesus.com. That is not standard Apple formatting. Apple typically references your Apple ID directly, not an unrelated invoice-style domain. That strange domain inclusion is another strong indicator that this email is fraudulent.

The pressure to act fast

The message urges you to call immediately to report an unauthorized transaction. High urgency is a hallmark of phishing. Legitimate companies encourage you to log in securely to your account. They do not rush you into calling a third-party phone number. When you feel rushed, pause. Scammers rely on speed and emotion.

What this scam is really trying to do

This is a refund scam disguised as a security alert.

Advertisement

The goal is simple. Get you to call the fake support number. Once you are on the phone, the scammer may:

  • Ask for your Apple ID password
  • Request remote access to your computer
  • Guide you through fake refund steps
  • Steal banking or PayPal information

In many cases, victims lose far more than the fake $2,990 charge mentioned in the email.

How to check your Apple account safely

If you receive this type of message, pause. Then take control. Instead of clicking links in the email:

  • Open a new browser window
  • Type appleid.apple.com directly into the address bar
  • Log in and review your account activity

If you did not generate an app-specific password and you see no suspicious charges, you are safe. You can also check your PayPal account directly by typing paypal.com into your browser. Never rely on links or phone numbers inside a suspicious email.

Apple app-specific password scam email checklist

Use this simple checklist the next time you get a scary email:

  • The “To” field does not match your email
  • The greeting says Dear Customer
  • There is a large unexpected charge
  • You are told to call a number immediately
  • The topic feels mismatched, such as password plus payment

If several of these appear together, you are almost certainly dealing with a scam.

Why Apple and PayPal impersonation scams keep working

Apple has billions of users. PayPal has hundreds of millions more. Both brands are trusted, widely used and connected to sensitive financial information. When criminals attach Apple’s name to a message, people pay attention. When they add PayPal and a large dollar amount, the fear intensifies. That combination is powerful. It blends account security concerns with financial panic. Many people react before they pause to verify the details. That split second of fear is exactly where scammers make their money.

“PayPal does not tolerate fraudulent activity, and we work hard to protect our customers from evolving phishing scams,” a PayPal spokesperson told CyberGuy. “We always encourage consumers to practice vigilance online and to learn how to spot the warning signs of common fraud. We recommend reviewing our best practice tips for avoiding phishing schemes on the PayPal Newsroom, and contacting Customer Support directly through the PayPal app or our Contact page for assistance if you believe you have been targeted by a scam.”

Advertisement

CyberGuy also reached out to Apple for comment.

TAX SEASON SCAMS 2026: FAKE IRS MESSAGES STEALING IDENTITIES

The fraudulent message combines an app-specific password alert with a PayPal charge to create panic. (Christian Charisius/picture alliance via Getty Images)

How to protect yourself from Apple phishing emails

You can reduce your risk from an Apple app-specific password scam email with a few smart habits. These steps protect more than just your Apple account. They protect your entire digital life.

1) Use two-factor authentication

Enable two-factor authentication (2FA) on your Apple ID, PayPal and email accounts. Even if someone guesses your password, they still cannot log in without the second verification step. That extra layer blocks most account takeover attempts.

Advertisement

2) Never click links or call numbers in suspicious emails

If an email tells you to call support or click a link, stop. Instead, open a new browser window and type the official website address yourself. Go directly to appleid.apple.com or paypal.com. Also, make sure you have strong antivirus software installed on your devices. Strong antivirus tools can detect malicious links, block phishing sites and warn you before you land on a fake login page. That protection matters because one click on the wrong link can expose login credentials or install hidden malware. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

3) Watch for urgency and fear tactics

Scammers push urgency. They use large dollar amounts and phrases like unauthorized transaction to rush you. Pause when you feel panic. Review the details carefully. Legitimate companies do not pressure you into instant action.

4) Keep your devices updated

Install software updates on your phone and computer as soon as they become available. Security patches fix vulnerabilities that attackers exploit. Outdated software makes phishing and malware attacks easier to pull off.

5) Use a password manager and strong, unique passwords

Do not reuse passwords across accounts. If one site gets breached, reused passwords put everything else at risk. A password manager generates long, complex passwords and stores them securely. That way, even if scammers trick you into entering one password somewhere, it will not unlock your other accounts. 

Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials. Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.

Advertisement

6) Reduce your exposed personal information

Scammers often find your email address and personal details through data broker sites. Using a reputable data removal service can reduce how much of your personal information is publicly available online. When less of your data floats around the internet, criminals have fewer tools to target you with convincing phishing emails. Less exposure means fewer personalized scams landing in your inbox. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

7) Report the phishing email

Forward suspicious Apple impersonation emails to reportphishing@apple.com. You can also mark the message as phishing in your email provider. Reporting scams helps improve filters and protect other people from falling victim.

8) Monitor your financial accounts

Even if you did not click anything or call the number, review your bank, PayPal and Apple accounts for unusual activity over the next few days. Early detection limits damage. The faster you spot fraud, the easier it is to reverse.

9) Consider freezing your credit if information was exposed

If you entered personal information or downloaded anything suspicious, consider placing a free credit freeze with Equifax, Experian and TransUnion. A credit freeze prevents criminals from opening new accounts in your name. To learn more about how to do this, go to Cyberguy.com and search “How to freeze your credit.” 

Advertisement

Kurt’s key takeaways

If you received an Apple app-specific password email with a $2,990 charge you did not authorize, trust your instincts. It is almost certainly a scam. Do not call the number. Do not click the links. Go directly to your official account pages and check for yourself. A few calm minutes can save you thousands of dollars and hours of stress.

When phishing scams use trusted brands like Apple so easily, is the tech industry truly staying ahead of cybercriminals? Let us know your thoughts by writing to us at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Copyright 2026 CyberGuy.com. All rights reserved.

Advertisement

Related Article

Don't ignore Apple's urgent security update

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Continue Reading

Technology

How Claude Code Claude Codes

Published

16 hours ago

on

February 24, 2026

By

How Claude Code Claude Codes

Claude Code is a developer tool for developers. And yet, over the last year and especially the last few months, the team at Anthropic has seen a huge number of people, across industries and disciplines, figure out how to access their terminal so that they could build new stuff too. Few AI products have found true product-market fit the way Claude Code has. But how did that happen? And are we ever going to get out of the terminal?

On this episode of The Vergecast, Anthropic’s Boris Cherny, the head of Claude Code, explains how the project has taken off over the last year. Cherny has made a lot of headlines recently by saying that Claude Code now writes 100 percent of his code, and he explains how his relationship to that code has changed. We also talk about Cowork, and Anthropic’s ongoing attempt to make Claude Code (and everything) a little more accessible to everyday users. It won’t just be chat windows, but nobody’s exactly sure what it will be yet.

After that, The Verge’s Hayden Field joins the show to continue our conversation from a few weeks ago about AI and privacy. These new agentic systems all ask for vast access to our data, our apps, even our devices themselves, in exchange for doing lots of useful things on our behalf. Hayden walks through the tradeoffs inherent in that access and how you should think about guarding your data going forward.

Finally, The Verge’s Allison Johnson helps David answer a question from the Vergecast Hotline (call 866-VERGE11 or email vergecast@theverge.com!) about how the RAM shortage will affect your gadget purchases this year. Depending on who you are, and how old your gadgets are, it’s either time to do some maintenance or do some upgrading.

If you want to know more about everything we discuss in this episode, here are some links to get you started:

Advertisement
Continue Reading
Advertisement

Trending