Apple has established good security for their iPhone and iPad devices. This is achieved by only allowing software approved by Apple to be installed through their secure App Store. However, there are still a few areas of vulnerability. This page describes what you can do to ensure better protection.
Antivirus and smartphone security apps generally do not protect against these problems.
STEP #1 — Remove Unknown Profiles
Profiles are special configuration permissions established on your phone that give access to email, contacts, calendar, and other functions. If you’re using a work-related profile from a known organization or business, then that’s okay. Any unfamiliar profiles should probably be removed.
Let’s say a rogue malicious account was added to your phone, and it had notes, calendar and contacts features enabled. If you weren’t careful, as you add new notes, contacts, or calendar items, they may end up in the malicious account, thus being handed over to whoever controls that account. Also, those in control of the rogue account could cause havoc on your phone by making calendar reminders show up encouraging you to click on malicious links.
You may find an unfamiliar email account on your iPhone, and when investigating it further, see no way to remove the account. This is because the account was added and is managed by a profile.
Follow these steps to review and remove unknown profiles:
- Go to Settings > General > and look for Profiles & Device Management. Note: If you do not see Profiles & Device Management listed, then no profiles are installed.
- On the Profiles & Device Management screen, you may see a list of Configuration Profiles. The description under each profile is what you probably would have seen displayed during the installation process such as “Click here for Secure5G” or “Tap Install To Continue.”
- Tap on any profile you want to remove, and choose the option to delete and remove it.
In the future, remember not to install any profiles. Check with a tech savvy friend or your primary tech support person whenever in doubt. The Apple website has a brief explanation about profiles, but no additional security device. [View]
STEP #2 — Remove Unknown Calendar Subscriptions
It is fairly easy to subscribe to event calendars and have those events show up on your iPhone. For holidays, sports events, and similar items, it’s nice to have. However, calendar subscriptions can also be a way for bad-intentioned people to get into your phone and trick you into clicking on links to malicious websites.
Follow these steps to review and remove unknown calendar subscriptions:
- Open the Calendar app on your iPhone.
- Tap on the word Calendars at the bottom of your screen.
- You will see your own calendars displayed in a list organized by the accounts they are associated with such as iCloud or Google. Under the OTHER heading, you will probably see US Holidays (Subscribed), Birthdays, and Siri Suggestions.
- Look for any unfamiliar Subscribed calendars. You can delete these by pressing the (i) information icon and then selecting delete.
More about calendar subscriptions can be found on Apple’s website. [View]
STEP #3 — Use Caution
This step doesn’t involve an app or upgrade to your device, but instead is a reminder to use caution with any pop-up messages, text messages, emails, phone calls, Facebook messages, and friend requests, even if they seem legitimate.
Like computers, smartphones make people more easily accessible to scammers, so it’s important to use caution.
There is no device or app that can protect you against scams. Being alert and cautious is your primary protection. Also, you should always check with a tech savvy friend or your primary tech support person whenever in doubt.