Apple has a solid reputation for building secure mobile devices. Most Apple customers think Apple products are so secure that they don’t need to do anything more to protect themselves. But even iPhones and iPads have security flaws in both the operating system and the apps that you use. Knowing such flaws exist can help you better protect your mobile devices.

Vulnerabilities in the Operating System and Built-In Apps

In November 2015, Zerodium announced that an anonymous researchers hacked Apple’s iOS 9 operating system. They received $1 million for their efforts. Zerodium pays for security exploits that are not publicly available, selling them to the highest bidders.

Because Zerodium sells the exploits it purchases, it is tight-lipped about the iOS 9 hack, but it means even iOS 9, and the apps that run on it are vulnerable. Also, the exploit can operate silently, so you may never know your information has been compromised.

This specific hack might not be used by cybercriminals if Zerodium lives up to its claim of selling its hacks to only legitimate corporations and government organizations. However, because Zerodium announced that there are holes in iOS 9’s security, cybercriminals will likely find them too.

This is also far from the first time it has happened, so here are some steps you can take to further protect yourself.

How to Protect Your iPhone or iPad

Apple mobile devices have security vulnerabilities, so you need to take some security precautions. Make sure that you:

  • Install all iOS updates promptly.
  • Use strong passwords for all your accounts. Resist the temptation to use the same password for multiple accounts. If you have to remember a lot of account passwords, consider using a password manager. That way, you will not be tempted to re-use passwords or write them down.
  • Do not connect your mobile device to public computers or public wi-fi networks. Only connect your device to computers and networks you know are secure.
  • Research an app before you install it, even if you are downloading it from Apple’s App Store. Stay away from apps that not many people are using.
  • Do not open any text links or email messages from unknown senders. If a message is from someone you know but looks suspicious, call that person and confirm that he or she sent it.
  • Look carefully at any pop-up messages that you receive when working in an email app. A pop-up message is a fake if it appears only in the email message’s body or if it scrolls down when you scroll through the message.