stare into the abyss w/ me (& start using a pc for /anything/ that matters)
think using a secure messaging app keeps your communication private?
sturnus - spyware bypasses encryption to read signal, telegram, and whatsapp messages
think /you/ are safe because you don't install suspicious apps or click bad links?
pegasus - no-click spyware is now used by the united states (& others)
graphite - gov employee puts in your number and gains /complete/ control
can read secure-communication app message history, listen to microphone, use camera
used by various countries and us gov organizations with little oversight,
including against journalists (mentioned in linked article)
with us intent to go after ’liberals’, don’t consider yourself immune
think you are below notice or trust your gov?
tgtoxic - scammer malware; a single text message -> steal passwords, your bank account, & more
albiriox - scammer malware uses smishing to drain your bank, send money, approve connections,
steal your saved passwords/sessions, fake logins to steal non-saved passwords,
in short; steal /anything/ you have saved on the phone or steal /anything/ you input
do you check your email on your phone?
how much damage could they do with just your email account?
think you are safe from clicking malware links in text messages?
ever clicked a tracking link for a package you were waiting for in a text?
i promise you aren’t as careful as you think
this is not at /all/ an exhaustive list - so, what should you do?
either (A) remove access to passwords, banking, email, and other private data from your phone
& start doing /all/ of that stuff on a trusted pc instead (follow security practices on the pc)
(if you use windows, you should get malwarebytes for your pc)
the much worse option is: (B) pay for & get malwarebytes on your phone (either android and ios)
give it notification permissions & other permissions it asks for
as an anti-virus, it will need a /lot/ of access to your phone
follow all its recommendations (except the ‘digital footprint scan’ & don’t buy their vpn)
(if that leaves the ‘protection score’ at 69 or some similar, that is ok)
regardless, avoid the most dangerous actions - don't click links & don't bank on mobile