A new warning has been issued about the iPhone after a flaw was discovered that disables Apple’s phishing coverage in its iMessage messaging service.
In addition to offering universal security patches to iPhone users, Apple offers coverage against phishing, a type of cyberattack that targets other people with emails or text messages from your adversaries with the intention of stealing their information.
In phishing, or smishing if done via SMS, attackers encourage or encourage iPhone users to click on a link, which will take them to a page created by adversaries to obtain borrowed login credentials. to download malware on your device.
Knowing this, Apple disables links sent through iMessage when they come from an unknown sender. However, a growing number of attacks consider this iPhone coverage as a weakness, according to a report published on the British generation site Bleeping Computer.
Adversaries are sending fake alerts, such as delivery updates, that encourage users to reply to iMessages first, which will then mark the sender as safe and allow a link that Apple would have otherwise disabled. For example, an iPhone user may be asked to answer yes (Y) or no (N) to accept a delivery.
People are used to doing this when responding to appointments, which means many respond to iMessages and activate the link, reports Bleeping Computer.
It’s a simple trick, but the consequences could be devastating. The iPhone user could then click on the link and end up handing over private details to attackers. This could allow access to valuable data, including logins to email or even banking services resulting in real financial losses.
I have asked Apple for comment on this attack and will update this article if the iPhone responds.
Jake Moore, global cybersecurity advisor at ESET, calls the new iPhone phishing trick a “simple security bypass. “
But you can protect yourself from this iPhone attack and other similar attacks by following some undeniable steps.
Always avoid replying to messages from unknown contacts as this could disable iMessage’s built-in protection and expose you to phishing attempts, says Moore. “Always verify the legitimacy of any message whether it be iMessage or within any platform before taking any action, especially if they request sensitive information,” he advises.
If you receive an email or text message and are unsure of its legitimacy, go to the online page or app and log in there, rather than clicking on links in the messages.
Apple’s phishing protection exists for a reason, but the iPhone maker can’t absolutely protect users from attacks. It’s up to you to be vigilant and spot symptoms that the iMessage or email might not be what it seems.
One Community. Many Voices. Create a free account to share your thoughts.
Our community is about connecting people through open and thoughtful conversations. We want our readers to share their views and exchange ideas and facts in a safe space.
To do this, please comply with the posting regulations in our site’s terms of use. We summarize some of those key regulations below. In short, civilized.
Your message will be rejected if we notice that it appears to contain:
User accounts will be locked if we become aware that users are engaging in:
So, how can you be a user?
Thank you for reading our Community Guidelines. Please read the full list of posting regulations discovered in our site’s Terms of Use.