There's A Sophisticated New Wave Of Phishing Attacks Targeting iPhone Users
Your iPhone has built-in protections to keep you safe from phishing attacks and security threats, but scammers have found a clever new way to bypass those safeguards.
As reported by BleepingComputer this week, hackers have started adapting to Apple's security measures to trick iPhone users into clicking malicious links. By default, iMessage disables links in messages from unknown senders. One way to reactivate a link is for the recipient of a text to respond to the message, which is why hackers have changed their methods.
There's a good chance that at some point in the past few months, you have received a phishing text informing you about an undeliverable USPS package, unpaid toll, or free prize. These texts often include lengthy hyperlinks, but they're disabled by default.
In order to trick iPhone users into clicking on links, scammers have started asking them to reply and reopen the message or copy and paste the link into a browser.
"Please reply Y, then exit the text message, reopen the text message activation link, or copy the link to Safari browser to open it," reads one phishing text.
As BleepingComputer explains, we have become accustomed to replying "Yes," "No," or "Stop" to texts to confirm appointments or opt out of surveys. Scammers have begun taking advantage of this tendency to make their scams more viable.
"If you receive a message whose links are disabled or from an unknown sender asking you to reply to the text, you are strongly advised not to do so," BleepingComputer warns. "Instead, contact the company or organization directly to verify the text and ask if there is anything else you need to do."
