Blog

Have you ever got a scary “left behind” alert from your AirTag mid-flight? You’re not alone. AirTags are fantastic little trackers for luggage, but if you don’t understand how they work, they can give you a real shock at 30,000 feet! In this post, we’ll explain how Apple AirTags track your stuff, like checked bags on a plane, how they can sometimes falsely report that your luggage is missing, and how to avoid unnecessary confusion on your next trip.

What Exactly is an Apple AirTag?

An Apple AirTag is a tiny Bluetooth tracking device about the size of a coin. You attach it to items you don’t want to lose—keys, wallets, and yes, your luggage. Once it’s set up with your iPhone, you can see the AirTag’s location in the Find My app on your phone or iPad. AirTags do not have built-in GPS or cellular data themselves; instead, they use a clever method to help you locate things.

An AirTag like a little beacon shouting “Here I am!” via Bluetooth. It’s constantly sending out a Bluetooth signal. Now, whose devices pick up that signal? Any nearby Apple device, like an iPhone, iPad, Mac, that’s connected to the internet can detect an AirTag if it is within Bluetooth range. Those devices then do the helpful thing of relaying the AirTag’s location to Apple’s cloud, the Find My network. Effectively, your AirTag piggybacks on strangers’ iPhones, or your own devices, to report where it is.

The points to remember are:

• No GPS or cellular in the tag: The AirTag itself isn’t using GPS satellites or a cellular connection to pinpoint location. Instead, it’s the Good Samaritan iPhones around it that know their own GPS location and pass that info along.
• It needs the internet via other devices: If your AirTag is near anyone’s iPhone that has an internet connection (cellular or Wi-Fi), it can update its location in your Find My app. This is why Apple’s Find My network is so powerful—there are over a billion Apple devices out there that could potentially help locate your tag.
• No nearby iPhone? No update: Here’s the catch—if your AirTag is in a place where no connected devices are around to hear its Bluetooth signal, or if nearby phones can’t get online to report it, **the AirTag’s location **won’t refresh. It’s essentially off the grid until it finds a connection.

AirTags work kind of like having a crowd of digital messengers around the world. But even messengers can’t help if they’re stuck with no signal.

AirTags in Luggage: Great for Travel (Mostly)

Many travelers love popping an AirTag into checked luggage. It’s a nice peace of mind booster to see that your suitcase made it on the plane, or is at least at the same airport you are. In fact, AirTags have become super popular for tracking bags since they launched in 2021. Airlines usually don’t mind them, and they’re small and have long battery life.

Advantages of AirTags in travel:

• You can confirm if your bag is on the move (like when it’s taken off the plane and onto the baggage carousel).
• If an airline loses your bag, you might actually see where it ended up before the airline does, giving you a head start in retrieving it.
• It’s reassuring during layovers to check if your bag is following you to the next plane, especially on multi-stop trips.

However, using AirTags on flights isn’t 100% real-time magic. Which brings us to…

The In-Flight “Left Behind” Scare – Why It Happens

Imagine this: You’re settling into your flight, maybe buckling up, when your phone buzzes with an alert from the Find My app: “Your luggage was left behind” at the departure airport. 😱 Talk about a panic moment! Does this mean your bag is literally not on the plane?

This exact scare happened to a traveler recently. A man named Will was on a flight out of a small airport in South Africa when a notification popped up on his Apple Watch saying his suitcase had been “left behind.” He later shared that he “worried the ENTIRE flight” thinking his bag was lost.

So, what was going on? Short answer: The AirTag in his suitcase wasn’t able to update its location during the flight, so it still showed the last known spot (the departure gate) which triggered a false alarm.

Here’s why these misleading “left behind” alerts can happen on a plane:

• No Internet at 35,000 feet: In Will’s case, the plane didn’t have Wi-Fi, and of course phones were in airplane mode with no cellular signal. His AirTag’s last ping was picked up at the airport before takeoff. Once in the air, it couldn’t connect to any device with internet, so from the system’s perspective, the bag stopped moving from that point. The app assumed the bag got left on the ground.
• Last known location stuck at origin: The Find My app only knew about the bag’s location at Kruger Mpumalanga Airport (the takeoff point) because that was the last place it had an internet-connected iPhone near it. After takeoff, hours went by with no new signal, so it looked like the bag never left that airport.
• Airplane mode of nearby iPhones: Even though there were plenty of iPhones on the plane (probably in other passengers’ pockets), if they’re all in airplane mode or not connected to Wi-Fi, they can’t relay the AirTag’s signal. The AirTag might have been physically right below Will’s feet in the cargo hold, but it was essentially invisible to the internet until landing.
• Glitches or timing of alerts: Sometimes the Find My app might proactively warn you that an item was left behind when it loses contact for a while. This can be well-intentioned (if you truly forgot your keys somewhere, you’d want to know ASAP), but in scenarios like flights it’s a false positive. The system doesn’t know you’re on a plane with the bag; it just knows “Hmm, haven’t heard from this tag in a bit, and last saw it back at the airport.”

In Will’s story, it turned out to be a non-issue: the bag was safely on the plane all along. As soon as they landed and he got connectivity, the AirTag updated its location, and he even saw the suitcase being unloaded from the plane. The alert was effectively a glitch or misunderstanding—the AirTag wasn’t actually failing, it was doing exactly what it’s designed to do (report the last location it could connect).

Why Understanding AirTags Can Save You Stress

The key lesson here is that AirTags aren’t real-time GPS trackers with satellite phones; they rely on nearby devices. If you get a scary alert, take a deep breath and consider context:

1. During a flight: If you get a “left behind” message mid-flight, it’s very likely a false alarm. Your bag is probably just out of reach until someone’s phone can check in. Wait until landing when everyone turns their phones off airplane mode; chances are your bag’s location will pop up at the correct destination once there’s connection.
2. No updates for a while: If you notice your AirTag hasn’t updated in hours, think about where it is. In the cargo hold of a flying plane? Sitting in a rural area with few people around? It might simply have no one to talk to. The phrase “No news is no news” applies here. It doesn’t immediately mean the item is gone; it might just mean no device has reported its position recently.
3. When to actually worry: If your AirTag still shows your bag at the origin airport long after you’ve landed and people have been moving about with phones, then it might be time to ask the airline about a missing bag. For example, if you land and connect to the airport Wi-Fi or cellular and your bag still shows up 500 miles away, that’s a more legitimate concern.
4. Use multiple cues: Don’t rely solely on the first notification. Check the timestamp of the AirTag’s last location in the Find My app. If it says something like “10:00 AM at [Departure Airport]” and it’s now 2:00 PM mid-flight, that’s expected — it just hasn’t updated. The airline’s own tracking systems (when working) and the baggage tag scans can also provide info. Use all info at your disposal before panicking.

Pro Tips for Using AirTags When You Travel

To make the most of AirTags and avoid confusion, here are a few casual tips:

• Name your AirTags clearly: In the Find My app, label it like “Mike’s Suitcase AirTag”. This way, if you have multiple AirTags, you know which item gave the alert. It sounds basic, but in a stressed moment it helps to see “Suitcase left behind” instead of some generic label.
• Enable notifications mindfully: You can choose which alerts to get. If you want, you might disable the “Left Behind” notifications for an item when you know you’re traveling (since you know the bag will be out of reach during flights). Just remember to re-enable important alerts later.
• Check before takeoff: Before your plane leaves, do a quick check of your AirTagged items. If the app shows your bag at the gate or on the plane, you know it made it aboard. After that, expect it to possibly go silent during the flight. Don’t be surprised if it doesn’t update while airborne.
• At baggage claim, refresh: Once you land and can connect to the internet, open Find My and refresh. It should update your bag’s location. It’s super satisfying to see “Arrived at [Destination] Airport” pop up. If it still shows the old location after a refresh, then ask an airline agent to be safe.
• Educate travel companions: If you’re traveling with family or friends who aren’t techy, explain this AirTag behavior to them. That way they won’t freak out either. (“Mom, if it says left behind, it’s probably just because we’re in the air, don’t worry!”)
• Use them as supplements, not a guarantee: AirTags are a tool to give you more info, but they don’t replace airline baggage systems or common sense. Sometimes an airline might have your bag even if the AirTag lags, and vice versa. Treat the AirTag info as helpful data, not the final word from the universe.

The Bottom Line

AirTags are awesome for keeping track of your stuff – especially luggage – but they have limits. They need to hitch a ride on nearby internet-connected devices (like iPhones and iPads) to let you know where they are. On an airplane or other dead zones, they might go quiet for a while and spook you with outdated info. Now that you know how AirTags work, you won’t be fooled by a momentary gap in coverage.

Next time you fly, you can enjoy that in-flight movie without obsessively refreshing your luggage tracker. ✈️ Your AirTag will phone home when it can – and if it doesn’t, you’ll know when to actually start worrying. Until then, sit back, relax, and know that no news is probably good news when it comes to your tracked bag! Safe travels!

Fake Calls

You receive a call from the IRS. They claim you haven’t paid you back taxes and a warrant for your arrest is going to be issued unless you make a payment immediately, which the caller can take for you. The back taxes are some affordable number for you, and to prevent problems, you think “I should pay this.”

Don’t.

First, and this will be a reoccurring theme, large corporations or organizations don’t call you. The IRS still uses good ol’ USPS snail mail. If they have an issue, you’ll receive a letter. And oh by the way, the IRS isn’t fast. There is no “Pay now!” They set deadlines, sure, but it usually months away. If you are about to be arrested for back taxes… you most likely will know, because it will be in the millions.

Fake calls are a plague of a scam that has been ongoing since the invention of the telephone. Yet, people still fall for them, every day.

If you receive a call from someone claiming to be from an agency or corporation and you should “act now”, ask for information from them before answering any of their questions. What is this charge for? Who authorized it? What payment method was used? Cancel my service!

These can throw a scammer off their script, or cause them to scramble a bit that will give you a clue that the claim is fraud.

Also, be aware of scams that nobody has to talk to you. We all know of the “Yes” scam, where the caller asks a simple questions and is able to record your voice saying Yes to then use to charge something. Did you know about the one ring scam? It’s a thing, and the FCC even has their own article about it here!

Free Trial Software

There are a lot of useful things on the internet, software is a big one. The development of a piece of software is time consuming, and costly. No body is going to give it away completely for free.

Free software can do any number of things, including giving an attacker direct and unfiltered access to your computer, passwords, anything saved on there. Remember, if the software/service is free, you are the product. They are either stealing something, or selling your data to someone else.

Watch for software or services that claim to be free or unusually cheap. If you are signing up for something, the fine print may enroll you into cost subscriptions, so be very aware of where you enter your credit card information. Websites and ad’s can be posted on real websites like Instagram or Facebook. Verify everything yourself!

The “Fix” Scam

I will always say one thing to my IT clients, “Big tech companies do not call you.”

Microsoft, for instance, does not call end users. Microsoft does not monitor the 1.5 billion devices running software made by them for threats. Microsoft does not remediate viruses.

Apple neither.

Any unsolicited call you receive claiming to remediate your tech problems immediately is a scam. Even if your are in the middle of a security incident, such as a ransomware attack, these calls are from the attacker, and the decision to pay them is mired in many details, ethical questions, and business decisions. You definitely should not just had over bank or credit card details.

Find a local IT Managed Service Provider, such as St. Aubin Technologies, Inc. in Homestead, Florida. By making contact yourself, you are already answering your own questions about the legitimacy of the IT company.

If you are a business owner, you need to have a standing relationship with an IT company in general. You don’t go to court yourself. You don’t just start laying bricks for a building yourself. You need professionals, because the time, money, and mental health savings add up quickly. That said:

Fell for one? What next:

If you have a standing relationship with an IT company, call them. They have procedures in place to start protecting you immediately. They will take control of the situation and start you back to recovery.

Remember, if you fell for a scam, this is akin to having a car accident of sorts. Some are minor, some are bad. Your path to recovery can be simple, or difficult. A IT professional will help a lot in both… but it’s always best not to have one.

Train your brain to recognize scams. Security Awareness Training for you and your employees is a must. Microsoft Defender has it’s own, as well as company’s like Ninjio and KnowBe4 (not partners… yet). Just like watching your money and markets, security is a journey and you must continue walking the path to keep up.

Again, and I can’t say this enough, get a relationship with an IT Professional. Email me, I can help you find one.

It’s all fun and games until someone lets a hacker in.

This week a Cisco employee unknowingly let an attacker into one of Cisco’s CRM systems. It was accomplished by a Vishing attack, or a voice scam, usually a phone call. The user was persuaded to give up enough information to allow the attacker access to the CRM, and a data set of client information was downloaded before the Cisco security team was able to terminate access.

Cisco Hacked – Attackers Stolen Profile Details of users Registered on Cisco.com

There are many lessons here.

Anyone with access is a target

Any employee, vendor, family member with access can unknowingly allow an attack. It is important to know and accept this. The best defense is an offense. Teach your people, your family, to recognize threats or don’t offer anything up. Hold your vendors to the same level you do yourself. If they refuse, maybe it’s not worth the relationship.

Cisco is a world-renown technology vendor with a strong presence in cyber security. As a cyber security professional, I routinely use one of Cisco’s news sites to keep up with the latest threats and technologies. Cisco Talos Intelligence Group – Comprehensive Threat Intelligence. This employee was probably undergoing constant security awareness training by Cisco and was not someone without credentials to be in a capacity with access.

If I had to guess, it was a quick lapse in judgement that allowed the attack, and that quick lapse is completely human.

All the resources do not matter

Cisco is a large company, with its own internal security teams. They do a very good job of protecting their company, their products, and their customers. It still happened.

I cannot iterate this enough. Cyber security’s weakest member, humans, can be its strongest. If a user allows an attacker in, all the systems in the world couldn’t stop the initial damage… it is damage control from that point forward. However, if the user recognizes the threat and hangs up… attack over, no damage. Crazy, I know!

Train your people. End of story, and threat.

In today’s world, any breach is a breach

A leak of information is so important in the modern internet, no breach is too little to note. A breach is a breach, and the information within can and will be linked to more information and used to catch bigger fish.

A fisher man first lures bait fish to a trap or net. He catches the bait fish and puts them on a hook to catch a bigger fish. If he want’s larger than that, like a shark, he hooks the larger fish and continues until he gets what he wants. The really, really, really big fish. The really big fish is the target, but get this, none of the little fish survive either. They are eaten, hooked, dragged through the water looking for the big fish. No fish wins this story.

What to do

• Invest in a Managed Service Provider that excel’s at security. If you need more, they will bring in the assistance of a trusted Managed Security Service Provider.
• Train your people. Family, employees, everyone
• Hold you vendors to the same standards
• Above all else, make sure your people know to report any issues.

How do I sum up a service that has the power to completely run your business?

I guess I don’t.

Microsoft 365, aka Office 365, is a powerful tool that Microsoft has placed within just about everything Microsoft does. Everything.

AI will tell you, “Microsoft 365 is a subscription service that provides blah, bla, blah, blah, bla.” Not exactly summing it up. Probably because there is too much to sum. So:

1: Microsoft 365 is paid business email service.

Microsoft 365 does email. It integrates seamlessly into Microsoft Outlook to bring you a synchronized experience across all your devices. PC, Android, iPhone, Mac, whatever.

2: Microsoft 365 is Cloud File Storage

OneDrive and SharePoint. These tools help you synchronize your files across all your devices. PC, An… yeah you get it. They also allow you to work together with others on the same files… remotely!

3: Microsoft 365 empowers remote and office teams

Teams is a productivity app that connects teams, whether they are remote or in the office. Teams includes instant message, phone calls, file storage (based on SharePoint), and integrates with many, many more apps.

4: Yup. There is a part that includes Windows

Windows as a Service. For a monthly subscription, you have a Windows virtual machine that you can connect to from anywhere, and have all your files, desktop settings, etc. in one place… anywhere.

5: Microsoft 365 is on the AI wave

CoPilot is Microsofts AI (or Large Language Model). CoPilot can search the web, but it can also be limited to company procedures and existing data for it’s research. Best yet, with the paid version, your data stays within your company.

There is ton’s more inside Microsoft 365. Security, device management, Azure, etc. But for the most part, these are the services most small businesses use, and grow into the rest!

In the modern workplace, convenience is king. Quick access to resources, seamless sharing of information, and the integration of technology into daily processes all help drive productivity. Among the many tools that have become commonplace is the QR code—a simple, scannable square that can lead to websites, download forms, and much more with a simple click of your smartphone camera. But with this convenience comes a new form of cyber threat: quishing.

Quishing, or QR code phishing, is a rising concern for both individuals and businesses. As QR codes become embedded in everything from office posters to conference sign-ins and restaurant menus, understanding how to use them safely is essential. In this article, we’ll explain what quishing is, how to spot and prevent it, and what steps to take if you’ve accidentally scanned a malicious QR code.

What Is Quishing?

Quishing is a cyberattack technique where threat actors use QR codes as a vehicle for phishing. Just as traditional phishing tricks users into clicking deceptive links in emails or texts, quishing relies on the unsuspecting scanning of QR codes that redirect victims to fraudulent websites or trigger harmful downloads.

A typical quishing attack might involve a hacker replacing a legitimate QR code with their own, which could:

• Direct you to a fake login page that looks like a legitimate business portal
• Prompt you to enter sensitive information (like your work credentials or personal data)
• Trigger the download of malware onto your device
• Bring up a payment screen for a bogus service or invoice

Because QR codes are just images, it’s impossible to discern their destination by looking at them. This makes them a powerful tool for cybercriminals hoping to bypass your defenses.

Why Is Quishing a Concern for Business Users?

For business users, quishing poses several unique risks:

• Corporate Credentials at Risk: Employees may scan a QR code believing it leads to a trusted internal site, only to hand over their work login details to hackers.
• Device Compromise: Scanning a malicious QR code could initiate downloads of malware, ransomware, or spyware, jeopardizing the company’s data and network.
• Financial Loss: Fake payment or donation QR codes can siphon money from company accounts or individuals.
• Brand Reputation: If a business inadvertently distributes or displays malicious QR codes (for example, on event flyers or digital signage), it can erode customer trust.

How to Spot a Quishing Attempt

While QR codes themselves don’t reveal much, there are practical steps you can take to spot and avoid quishing threats:

• Scrutinize the Source: Only scan QR codes from trusted, verified sources. Be wary of codes posted in public spaces, attached to emails, or on unexpected stickers or posters.
• Check for Tampering: If you’re scanning a QR code from a physical location—such as a sign at a café, event, or office—look for signs that a sticker has been placed over the original code. Criminals often cover legitimate codes with their own.
• Preview the URL: Many smartphone cameras and QR code scanner apps will show you the URL destination before you open it. Pause and check whether the web address looks legitimate. Does it match the organization’s official website? Look out for suspicious domain names, unusual spellings, or odd characters.
• Watch for Urgency and Pressure Tactics: Be cautious if scanning a QR code leads to a page urging immediate action—like updating your password, entering payment details, or verifying an account. Phishers often create a sense of urgency to rush decisions.
• Be Skeptical of Email QR Codes: If you receive a QR code in an email, treat it with the same skepticism as a suspicious link. Confirm the sender’s identity and verify the request through another channel if possible.
• Look for HTTPS: If you do visit a site via QR code, ensure the site uses HTTPS (the padlock icon in the browser address bar) to encrypt your data. While not foolproof, absence of HTTPS is a red flag.

Best Practices to Prevent Quishing

Prevention starts with awareness and a few key habits:

• Educate Employees: Make quishing awareness part of regular security training. Many users don’t realize the risks posed by QR codes.
• Use Company Devices for Work-Related Codes: Company-issued devices often have security features, such as antivirus software and managed settings, that help mitigate risk.
• Install a Trusted QR Scanner App: Some QR scanner apps offer added security, such as previewing URLs, checking for unsafe links, and blocking known malicious sites.
• Limit QR Code Use to Trusted Environments: Avoid scanning public or unverified QR codes, especially on critical company networks.
• Implement Policies for QR Code Usage: For businesses, consider setting procedures for creating, distributing, and monitoring QR codes used in company materials or events. Use secure QR code generators and track their deployment.
• Regularly Audit Publicly Displayed QR Codes: Check that QR codes posted in public or semi-public company spaces haven’t been tampered with or replaced.

What to Do If You Accidentally Scan a Quishing QR Code

Mistakes happen, and even vigilant users can slip up. If you think you might have scanned a malicious QR code, take these steps immediately:

• Do Not Enter Any Information: If you’re taken to a login page or form, don’t provide any details until you’ve confirmed the site’s legitimacy.
• Disconnect from the Internet: If the code triggered a download or unusual behavior, disconnect your device from Wi-Fi or mobile data to prevent further damage.
• Run a Security Scan: Use your company’s approved security software to scan your device for malware or suspicious activity.
• Change Your Passwords: If you did enter your credentials or personal information, change your passwords immediately—both for the affected account and any accounts that use the same or similar passwords.
• Alert Your IT Department: Report the incident right away. Early detection helps the IT team contain potential threats and warn others.
• Monitor Your Accounts: Watch for unusual activity, such as unauthorized logins, password reset requests, or unexpected transactions.
• Document the Incident: If possible, take a screenshot of the QR code and record when and where you scanned it. This can help your IT team assess the risk and take appropriate action.

Real-World Scenarios

It’s easy to underestimate how convincing quishing attempts can be. For example, imagine attending a business conference where the event program includes a QR code for the Wi-Fi login. Without knowing it, someone has placed a counterfeit sticker over the original code—scanning it directs you to a site that asks for your work email and password. In the hustle of the event, you might not notice the subtle difference in the URL.

Or consider receiving an email from what appears to be “IT Support” with a QR code to verify your account security. While this seems legitimate, it’s a common phishing ploy—one that could compromise your credentials in seconds.

The Bottom Line: QR Codes Are Powerful—Use Them Wisely

Quishing is a sophisticated twist on familiar phishing tactics, and as QR codes continue to gain traction in both business and daily life, it’s crucial to remain vigilant. While you don’t need to stop using QR codes altogether, a healthy dose of skepticism and adherence to best practices can protect you, your colleagues, and your organization from unnecessary risk.

Remember: Just as you would think twice before clicking a suspicious email link, give QR codes the same critical eye. By staying informed and cautious, you can enjoy the benefits of QR technology—without falling prey to digital traps.