According to the Better Business Bureau, cyber criminals are using new software that can infect your iPhone, even if you don't download anything - and even if you don't click on a link.
It's called a "zero-click" attack and it can take control of your device. Then, criminals demand cryptocurrency so you can gain back control of your phone.
You should never pay the ransom as it doesn't guarantee a solution to the problem. You should also report this to the FBI.
To avoid getting hacked, make sure you stay up to date with your software, as soon as patches or new operating system versions are available. And never click on suspicious links or downloads.
More tips to prevent 'zero-click' attacks:
The Cybersecurity and Infrastructure Security Agency (CISA) along with the FBI recommend consumers and businesses take steps to protect electronic devices against cyber attacks.
BBB joins with the National Cyber Security Alliance in suggesting the following cyber hygiene defenses:
-Don't click on links from unfamiliar sources. Even if you think you know the sender, be cautious about clicking on email links. When in doubt, delete it. Be especially wary of messages requiring you to act quickly, asking for personal information, or threatening you in any way.
-Keep clean machines and stay up-to-date with software. Prevent infections by updating critical software as soon as patches or new operating system versions are available. This includes mobile and other Internet-connected devices.
-Use strong authentication to access accounts, especially critical networks. Requiring more than a username and password will help prevent access through stolen or hacked credentials.
-Conduct regular backups of systems. Systems can be restored in cases of ransomware and having current backup of all data speeds the recovery process.
-Make better passwords. Require long, unique and strong passwords to better harden accounts against intrusions.
-Enable popup blockers. Popups are regularly used by scammers to spread malware. Prevent popups from appearing in the first place by adjusting your browser settings.