Phishing Attacks Use This Simple Trick to Defeat iPhone Message Security – MacRumors

A new social engineering tactic is being used by cybercriminals to trick iPhone users into disabling iMessage’s built-in phishing protection, in a bid to expose them to malicious links and scams, according to BleepingComputer.The scam exploits a security feature in iMessage that automatically disables links from unknown senders. Apple told the outlet that when users reply to these messages or add the sender to their contacts, the links become clickable – a behavior that scammers are now actively exploiting, according to the report. The deceptive messages often masquerade as notifications from trusted organizations like USPS or toll road authorities. Scammers are apparently looking to exploit the familiar “reply STOP” or “reply NO” that often appears at the end of messages from authentic businesses or services, as there’s been a surge in SMS phishing (smishing) attacks that specifically ask recipients to reply “Y” to “activate” supposedly legitimate links. By getting users to respond, attackers not only enable the previously disabled links but also identify active phone numbers that are more likely to engage with future scams.Tech-savvy users are likely to easily identify these as phishing attempts, but the main concern is that older or less experienced users will be particularly vulnerable to the tactic. Needless to say, the best way to ensure that you never fall for the scam is to never reply to suspicious messages from unknown senders.SMS phishing attacks with disabled links (Image credit: BleepingComputer)Another line of defense is to enable message filtering on your iPhone or iPad. Message filtering sorts messages from people who are not in your contacts into a separate list, where you can more easily view them in the Messages app. To filter messages from unknown senders, open Settings and go to Apps ➝ Messages, then toggle on the switch next to Filter Unknown Senders.Bear in mind that the feature can filter legitimate messages – from couriers or your bank, for example – so don’t automatically assume that a filtered message is dodgy. And, as mentioned above, you can’t open links in a message from an unknown sender until you add them to your contacts or reply to the message, but that’s by design. Get weekly top MacRumors stories in your inbox.Image Playground, Genmoji, ChatGPT integration, revamped Mail app, and more.Apple Intelligence is what Apple is calling its artificial intelligence feature set, previewed at WWDC in June 2024. Here’s everything we know.Find all of the season’s best Apple and Apple-related gifts in our 2024 Gift Guide.Image Playground is Apple’s dedicated image creation app that can build cartoon-like pictures based on text descriptions.
M4 chip update expected, but no design changes.Chip update and other spec bumps for Apple’s entry-level iPad.The end of the iPhone Home button as Apple shifts its final model to an all-display front with a notch and Face ID.Apple appears to be skipping the M3 generation and waiting to launch an M4 Mac Studio in mid-2025.22 minutes ago by Joe Rossignol3 hours ago by Joe Rossignol1 day ago by Joe Rossignol1 day ago by Joe Rossignol1 day ago by Tim Hardwick MacRumors attracts a broad audience of both consumers and professionals interested in the latest technologies and products. We also boast an active community focused on purchasing decisions and technical aspects of the iPhone, iPad, Mac, and other Apple platforms.

Source: https://www.macrumors.com/2025/01/13/imessage-users-targeted-phishing-scam/