iPhone Update — Apply It Now If You Haven’t Already

Apple recently issued an urgent iPhone update, iOS version 16.5.1. If you haven’t updated yet, you should. 

Owners of iPads should update to iOS 16.5.1 as well. 

The update contains two critical security fixes that prevent bad actors from executing malicious code on iPhones and iPads.  

One of the fixes addresses an issue with the kernel of the device—the core code that runs iPhones and iPads. Apple reported that the issue could allow an app to execute arbitrary code with kernel privileges. With those privileges, a malicious appp could attack the device at the root level. The other addresses an issue with the operating system’s WebKit, which, if uncorrected, could process maliciously crafted web content. 

You can update to iOS 16.5.1 now by going to Settings > General > Software Update. 

The update is available for:  

• iPhone 8 and later. 
• iPad Pro (all models). 
• iPad Air 3rd generation and later. 
• iPad 5th generation and later. 
• iPad mini 5th generation and later. 

Protecting your iPhone 

Keeping your operating system current on your iPhone, and all your devices, provides a strong foundation for protection. In addition to adding new features, updates often include fixes focused on security. In this case, a couple of critical security fixes. 

You have a few options for keeping on top of security updates: 

1. Turn on automatic updates. This will ensure that your device is running the latest and greatest version of the operating system. Additionally, you can turn on automatic updates for all your apps as well. Together, they will take the work out of keeping things current.
2. Check for updates yourself. Even with automatic updates turned on, you might experience slightly delayed access to the latest update. In some cases, updates get rolled out to batches of users at a time to prevent download servers from getting overwhelmed. However, manually checking for updates will provide access to the latest version regardless of where you stand in the rollout queue. This way, if you see a news story about a critical update, you can still download it right away.
3. Use online protection software for your phone. Protection like our McAfee+ plans include a Wi-Fi & System Scan feature that notifies you when you need to update iOS. It can also take the guesswork out of whether you are current or not—and keep you in the loop if you miss the news of an important update. McAfee+ offers far more protection from there. It now includes our WebAdvisor extension, which warns you of sketchy phishing links and unsafe downloads. Privacy protection and identity protection come included as well, along with a VPN for a more secure connection. 

Keep safe. Keep your iOS (and your apps) current. 

Aside from using online protection software, keeping your device current offers a strong defense from hacks and attacks. Updates to your operating system and apps will fix security issues and loopholes—the very sorts of things that bad actors are quick to exploit. 

You can keep current quite easily, thanks to automatic updates. Yet keeping an eye on the news remains important as well. If you catch word of an important update, grab it right away. No need to wait. 

The post iPhone Update — Apply It Now If You Haven’t Already appeared first on McAfee Blog.

Anyone Can Try ChatGPT for Free—Don’t Fall for Sketchy Apps That Charge You

Anyone can try ChatGPT for free. Yet that hasn’t stopped scammers from trying to cash in on it.  

A rash of sketchy apps have cropped up in Apple’s App Store and Google Play. They pose as Chat GPT apps and try to fleece smartphone owners with phony subscriptions.  

Yet you can spot them quickly when you know what to look for. 

What is ChatGPT, and what are people doing with it? 

ChatGPT is an AI-driven chatbot service created by OpenAI. It lets you have uncannily human conversations with an AI that’s been programmed and fed with information over several generations of development. Provide it with an instruction or ask it a question, and the AI provides a detailed response. 

Unsurprisingly, it has millions of people clamoring to use it. All it takes is a single prompt, and the prompts range far and wide.  

People ask ChatGPT to help them write cover letters for job interviews, make travel recommendations, and explain complex scientific topics in plain language. One person highlighted how they used ChatGPT to run a tabletop game of Dungeons & Dragons for them. (If you’ve ever played, you know that’s a complex task that calls for a fair share of cleverness to keep the game entertaining.)  

That’s just a handful of examples. As for myself, I’ve been using ChatGPT in the kitchen. My family and I have been digging into all kinds of new recipes thanks to its AI. 

Sketchy ChatGPT apps in the App Store and Google Play 

So, where do the scammers come in? 

Scammers, have recently started posting copycat apps that look like they are powered by ChatGPT but aren’t. What’s more, they charge people a fee to use them—a prime example of fleeceware. OpenAI, the makers of ChatGPT, have just officially launched their iOS app for U.S. iPhone users and can be downloaded from the Apple App Store here. The official Android version is still yet to be released.  

Fleeceware mimics a pre-existing service that’s free or low-cost and then charges an excessive fee to use it. Basically, it’s a copycat. An expensive one at that.  

Fleeceware scammers often lure in their victims with “a free trial” that quickly converts into a subscription. However, with fleeceware, the terms of the subscription are steep. They might bill the user weekly, and at rates much higher than the going rate. 

The result is that the fleeceware app might cost the victim a few bucks before they can cancel it. Worse yet, the victim might forget about the app entirely and run up hundreds of dollars before they realize what’s happening. Again, all for a simple app that’s free or practically free elsewhere. 

What makes fleeceware so tricky to spot is that it can look legit at first glance. Plenty of smartphone apps offer subscriptions and other in-app purchases. In effect, fleeceware hides in plain sight among the thousands of other legitimate apps in the hopes you’ll download it. 

With that, any app that charges a fee to use ChatGPT is fleeceware. ChatGPT offers basic functionality that anyone can use for free.  

There is one case where you might pay a fee to use ChatGPT. It has its own subscription-level offering, ChatGPT Plus. With a subscription, ChatGPT responds more quickly to prompts and offers access during peak hours when free users might be shut out. That’s the one legitimate case where you might pay to use it. 

In all, more and more people want to take ChatGPT for a spin. However, they might not realize it’s free. Scammers bank on that, and so we’ve seen a glut of phony ChatGPT apps that aim to install fleeceware onto people’s phones. 

How do you keep fleeceware and other bad apps off your phone?  

Read the fine print. 

Read the description of the app and see what the developer is really offering. If the app charges you to use ChatGPT, it’s fleeceware. Anyone can use ChatGPT for free by setting up an account at its official website, https://chat.openai.com. 

Look at the reviews. 

Reviews can tell you quite a bit about an app. They can also tell you the company that created it handles customer feedback.  

In the case of fleeceware, you’ll likely see reviews that complain about sketchy payment terms. They might mention three-day trials that automatically convert to pricey monthly or weekly subscriptions. Moreover, they might describe how payment terms have changed and become more costly as a result.  

In the case of legitimate apps, billing issues can arise from time to time, so see how the company handles complaints. Companies in good standing will typically provide links to customer service where people can resolve any issues they have. Company responses that are vague, or a lack of responses at all, should raise a red flag. 

Be skeptical about overwhelmingly positive reviews. 

Scammers are smart. They’ll count on you to look at an overall good review of 4/5 stars or more and think that’s good enough. They know this, so they’ll pack their app landing page with dozens and dozens of phony and fawning reviews to make the app look legitimate. This tactic serves another purpose: it hides the true reviews written by actual users, which might be negative because the app is a scam. 

Filter the app’s reviews for the one-star reviews and see what concerns people have. Do they mention overly aggressive billing practices, like the wickedly high prices and weekly billing cycles mentioned above? That might be a sign of fleeceware. Again, see if the app developer responded to the concerns and note the quality of the response. A legitimate company will honestly want to help a frustrated user and provide clear next steps to resolve the issue. 

Steer clear of third-party app stores. 

Google Play does its part to keep its virtual shelves free of malware-laden apps with a thorough submission process, as reported by Google. It further keeps things safer through its App Defense Alliance that shares intelligence across a network of partners, of which we’re a proud member. Further, users also have the option of running Play Protect to check apps for safety before they’re downloaded. Apple’s App Store has its own rigorous submission process for submitting apps. Likewise, Apple deletes hundreds of thousands of malicious apps from its store each year. 

Third-party app stores might not have protections like these in place. Moreover, some of them might be fronts for illegal activity. Organized cybercrime organizations deliberately populate their third-party stores with apps that steal funds or personal information. Stick with the official app stores for the most complete protection possible.  

Cancel unwanted subscriptions from your phone. 

Many fleeceware apps deliberately make it tough to cancel them. You’ll often see complaints about that in reviews, “I don’t see where I can cancel my subscription!” Deleting the app from your phone is not enough. Your subscription will remain active unless you cancel your payment method.  

Luckily, your phone makes it easy to cancel subscriptions right from your settings menu. Canceling makes sure your credit or debit card won’t get charged when the next billing cycle comes up. 

• On iPhones and iOS devices, learn how to cancel App Store subscriptions here. 
• Android users can learn how to cancel Google Play subscriptions here. 

Be wary. Many fleeceware apps have aggressive billing cycles. Sometimes weekly.  

The safest and best way to enjoy ChatGPT: Go directly to the source. 

ChatGPT is free. Anyone can use it by setting up a free account with OpenAI at https://chat.openai.com. Smartphone apps that charge you to use it are a scam. 

How to download the official ChatGPT app 

You can download the official app, currently on iOS from the App Store 

The post Anyone Can Try ChatGPT for Free—Don’t Fall for Sketchy Apps That Charge You appeared first on McAfee Blog.