Phishing Attacks Use This Simple Trick to Defeat iPhone Message Security

0

A new social engineering tactic is being used by cybercriminals to trick iPhone users into disabling iMessage’s built-in phishing protection, in a bid to expose them to malicious links and scams, according to BleepingComputer.

The scam exploits a security feature in iMessage that automatically disables links from unknown senders. Apple told the outlet that when users reply to these messages or add the sender to their contacts, the links become clickable – a behavior that scammers are now actively exploiting, according to the report. The deceptive messages often masquerade as notifications from trusted organizations like USPS or toll road authorities.

Scammers are apparently looking to exploit the familiar “reply STOP” or “reply NO” that often appears at the end of messages from authentic businesses or services, as there’s been a surge in SMS phishing (smishing) attacks that specifically ask recipients to reply “Y” to “activate” supposedly legitimate links.

By getting users to respond, attackers not only enable the previously disabled links but also identify active phone numbers that are more likely to engage with future scams.

Tech-savvy users are likely to easily identify these as phishing attempts, but the main concern is that older or less experienced users will be particularly vulnerable to the tactic. Needless to say, the best way to ensure that you never fall for the scam is to never reply to suspicious messages from unknown senders.

SMS phishing attacks with disabled links (Image credit: BleepingComputer)

Another line of defense is to enable message filtering on your iPhone or iPad. Message filtering sorts messages from people who are not in your contacts into a separate list, where you can more easily view them in the Messages app. To filter messages from unknown senders, open Settings and go to Apps ➝ Messages, then toggle on the switch next to Filter Unknown Senders.

Block Nuisance Calls and Messages on Your iPhone

Bear in mind that the feature can filter legitimate messages – from couriers or your bank, for example – so don’t automatically assume that a filtered message is dodgy. And, as mentioned above, you can’t open links in a message from an unknown sender until you add them to your contacts or reply to the message, but that’s by design.
This article, “Phishing Attacks Use This Simple Trick to Defeat iPhone Message Security” first appeared on MacRumors.com

Discuss this article in our forums

More Stories

Nope, this skull is not Cleopatra’s half-sister

0

Why the latest location data leak won’t hit iPhone users as hard

0

iPad mini 7 sale saves you $100

0

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

Nope, this skull is not Cleopatra’s half-sister

0

Why the latest location data leak won’t hit iPhone users as hard

0

iPad mini 7 sale saves you $100

0

MagSafe Monday: ESR’s MagSafe power bank delivers Qi2 charging with a built-in LED panel and kickstand

0

IDC: Apple’s iPhone maintained lead in worldwide smartphone shipments and market share in 2024

0