As threat actors get increasingly clever with thwarting security systems, staying informed about their tactics is important. A new report has surfaced that alerts iPhone users that cybercriminals have devised a technique to steal personal information by tricking them into turning off Apple’s built-in iMessage phishing protection.
For years, cybercriminals exploited iPhone vulnerabilities via iMessage, using text phishing schemes to steal personal details from users. In response, Apple released security patches that enabled iMessage to automatically turn off links sent to iPhone users from unknown senders. This protective wall is effective against malicious links from foreign phone numbers and email senders. Yet, there is still a need for caution. As long as users do not respond to these malicious messages, or save the sender’s contact, the links remain disabled. Otherwise, if responded to, they could be enabled again.
In recent months, BleepingComputer has observed numerous text phishing attempts. Bad actors trick iPhone users into replying to a malicious message or copying and pasting a malicious link into Safari. What if users respond to these messages without clicking the deceptive links? It could still pose a danger. Why? Threat actors could view such users as receptive and mark them as prime targets for future attacks.
The point? When you receive an email or text message with a link from an unknown sender, neither reply nor save the contact. Even when a link received on your phone is from a known sender, do not always respond immediately. Remember that a phishing scammer or hacker may be behind it. So, it is advisable to contact the sender and confirm that a legitimate link came from the right source.