Apple will notify you if a government tries to spy on your iPhone
Just today, we covered Apple's sudden lawsuit against NSO Group, the Israeli technology firm that has become notorious for its Pegasus spyware, which it sells to governments around the world.
While the spyware is designed and sold under the conditions that it is only used for the purpose of justice and peacekeeping, it's no secret that governments all over the place have been abusing their ownership of Pegasus and using it to keep track of innocent civilians, who can be considered threats to the state's agenda simply for their differing views.
This has both threated and caused the loss of many lives in countries under strict regimes, and Apple—ever the advocate for online security—has taken an official stand against this blatant abuse of dangerous software on Apple devices.
Apple is personally notifying anyone affected from an attack by Pegasus
Apart from launching the huge lawsuit against NSO Group, Apple has also announced that it will personally notify anyone who has been targeted in the past by a particular exploit known to be used by Pegasus, called FORCEDENTRY.
The zero-click exploit (requiring no action from the user to gain entry) has since been patched, but Apple claims that there are still a "small number of users" whose devices have been infiltrated by Pegasus. The number of victims hasn't been specified.
Anyone who has been affected via the FORCEDENTRY attack at any point, Apple promises, will be notified through both e-mail, iMessage, and text notifications, informing iPhone users of the privacy breach. Apple will include instructions on how to kick out the bug and regain privacy and cybersecurity afterwards.
Apple re-iterates, in the support document released today, that "Apple threat notifications will never ask you to click any links, open files, install apps or profiles, or provide your Apple ID password or verification code by email or on the phone."
The only way to ensure that an Apple threat notification sent to your phone is legitimate, is to sign in to appleid.apple.com. If it's genuine, Apple says it will be "clearly visible at the top of the page after you sign in."
Things that are NOT allowed: