Smishing Attack Targets iMessage Users by Exploiting Built-In Phishing Protections


A new smishing (SMS phishing) campaign is making waves, specifically targeting iMessage users by manipulating Apple’s built-in phishing protections. Users have been reporting examples of these attempts for months, and now the campaign is gaining wider attention.

iMessage typically disables clickable links from unknown senders as a safeguard against phishing attacks. However, the campaign exploits a loophole: if users reply to the message or add the unknown sender to their contact list, the links become active.

Once the links are clickable, users are at risk of being redirected to malicious websites designed to steal personal information or compromise their devices.

The phishing messages observed by Malwarebytes often mimic urgent or routine notifications, such as:

  • Undeliverable packages (e.g., USPS, Royal Mail, DHL, FedEx).
  • Unpaid toll road fees.
  • Outstanding shipping charges.
  • Other unexpected payments or urgent actions.

The messages usually end with instructions similar to these:

iMessage Smishing Instructions: “(Please reply Y, then exit the SMS, re-open the SMS activation link, or copy the link to open in Safari)”

Responding to such messages with “Y” (or any reply) disables iMessage’s phishing protection, enabling the malicious link. Once a user clicks on the link, they are directed to a fraudulent website. Even if users choose not to follow the link after replying, the attackers know they have reached a live number and will likely target it for future scams.

Similar instructions have also been observed in attacks targeting Chrome users. These messages direct users to reply with “1” and then reopen the SMS to interact with the malicious link in the browser.
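The "reply, then reopen the link" wording described above is a usable detection signal for message filtering. The following Python heuristic is an added example, not code from the article or from Malwarebytes; the regexes, verdict names and sample messages are assumptions constructed for illustration.

```python
import re

# Heuristic patterns (assumptions, modelled on the wording quoted in the article).
URL_RE = re.compile(r"(?:https?://|www\.)\S+", re.I)
REPLY_RE = re.compile(r"\b(?:reply|respond)\b(?:\s+with)?\W{0,3}[a-z0-9](?![a-z0-9])", re.I)
REOPEN_RE = re.compile(r"re-?open|exit the (?:sms|message|text)|copy the link", re.I)
LURE_RE = re.compile(r"undeliver|package|parcel|toll|shipping|unpaid|outstanding", re.I)

def classify(body, sender_known=False):
    """Return (verdict, matched_signals) for one message body."""
    signals = {
        "link": bool(URL_RE.search(body)),
        "reply": bool(REPLY_RE.search(body)),    # "reply Y", "reply with 1"
        "reopen": bool(REOPEN_RE.search(body)),  # "exit the SMS, re-open ..."
        "lure": bool(LURE_RE.search(body)),      # delivery / toll / payment themes
    }
    hits = [name for name, present in signals.items() if present]
    if not signals["link"]:
        return "ok", hits  # nothing to activate, e.g. a plain appointment reminder
    # A link plus reply-then-reopen instructions is flagged even for known
    # senders, because adding the sender to contacts is what the lure asks for.
    if signals["reply"] and signals["reopen"]:
        return "bypass-attempt", hits
    if not sender_known and (signals["reply"] or signals["lure"]):
        return "suspicious", hits
    return "ok", hits

# Constructed sample messages (not real campaign data); .example is a reserved TLD.
SAMPLES = [
    ("USPS: your package is undeliverable. https://parcel-redelivery.example/u "
     "(Please reply Y, then exit the SMS, re-open the SMS activation link, "
     "or copy the link to open in Safari)", False),
    ("Unpaid toll road fee. Pay at https://toll-pay.example/inv "
     "Reply with 1 and then reopen the SMS to open the link.", False),
    ("Reply Y to confirm your dentist appointment tomorrow at 3pm.", False),
    ("Your package has shipped: https://shop.example/orders/123", True),
]

if __name__ == "__main__":
    for body, known in SAMPLES:
        verdict, hits = classify(body, known)
        print(f"{verdict:15} {hits} {body[:45]!r}")
```

Keyword heuristics like these miss reworded lures and can flag legitimate two-way SMS services, so they are best treated as one input to triage rather than a verdict on their own.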

Smishing attacks can trick victims into sharing sensitive information like passwords, credit card numbers, or personal details. Additionally, confirming a phone number’s activity by replying to these messages can expose users to more aggressive phishing attempts or spam campaigns.


How to Protect From Smishing Attack

To stay safe from smishing scams, security experts recommend the following:

| Tip | Description |
| --- | --- |
| Never Reply to Suspicious Messages | Even a simple reply like “Y” or “1” confirms your number is active, which can lead to more phishing attempts. |
| Avoid Adding Unknown Numbers to Contacts | Adding unknown senders disables iMessage’s built-in phishing protections, leaving you more vulnerable. |
| Verify Directly with Companies | If a message claims to be from a legitimate company, reach out to them directly using verified contact information instead of engaging with the message. |
| Report Suspicious Messages | Use spam reporting services or Do Not Call lists to report suspicious numbers and messages. |
| Review Your Device’s Security Settings | Check your device’s security features in menus like “Security,” “Privacy,” or “Safety” to boost protections. |
| Inspect Links Carefully | Pay close attention to links in messages, as scammers often use similar-looking URLs to trick you. |
| Be Skeptical of Unusual Messages | Be cautious of offers or threats that seem too good or severe—they are often scams. |
| Consider Third-Party Protection Tools | Use apps like Malwarebytes Mobile Security for extra filtering and protection against phishing. |

Following these guidelines can help reduce the risk of falling for scams.

The rise of smishing campaigns highlights the evolving tactics cybercriminals use to bypass security measures. Users must remain vigilant and cautious when dealing with unsolicited messages, particularly those containing links or urgent requests.

By understanding the risks and following best practices, iMessage users can better protect themselves against these sophisticated phishing schemes. Stay alert, and if in doubt, always double-check before responding to or clicking on unfamiliar messages.
