"Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-," said the company in an email sent out to users on April 10th. Apple is advising target users to enlist expert guidance such as rapid-response emergency security assistance provided by the Digital Security Helpline at the nonprofit Access Now.
The support document has been updated related to the threat notifications and this explains how the mercenary spyware attacks work. Once the company detects activity consistent with the mercenary attack, it will send an email and iMessage notification to users on their email and phone numbers. A notification banner will also be displayed at the top of the Apple ID website once they sign in.
Apple warns users to not click links, open files, install apps or share Apple ID passwords or verification codes over the phone.