Home Mobile Don’t fall for this SMS trick that results in iPhone users losing their personal data and money
MobileNews

Don’t fall for this SMS trick that results in iPhone users losing their personal data and money

by Cyber Techbiz
by Cyber Techbiz 0 comment

Apple’s Messaging app features built-in protection from phishing and smishing expeditions. Phishing is when cybercriminals send someone an email that looks like a legitimate letter from a company that the victim does business with. The letter contains a message with an urgent demand that the target do something or face a harsh consequence. The goal is to get the target to turn over sensitive information such as PIN numbers, passwords, and social security numbers all to take over the victim’s financial accounts and steal the money in his/her personal accounts.

For example, let’s say that you are an AT&T subscriber. You might get an email that looks like a genuine AT&T missive. The letter might say that your account is past due and if you don’t make an immediate payment, your wireless account will be suspended. To make the payment, the email might include a link that takes you to a page where you need to fill in your credit card number, expiration date, security code, and your address. Give up all that information and you might find strange charges on your card that you had nothing to do with. And of course, you’re going to give out this info because who wants to have their wireless account turned off.

Beware of “smishing” messages which are bogus texts made to look like they came from a firm you do business with

Sometimes these phishing messages are sent via text messages in which case it is called “smishing.” Most cybersecurity experts will tell you never to tap on links in emails and texts you receive from senders who are unknown to you. Apple’s iMessage platform automatically disables links in messages sent by unknown senders regardless whether the message was sent via email or text.

Examples of smishing texts that try to get you to respond disabling Apple's protection from links. | Image credit-BeepingComputer - Don't fall for this SMS trick that results in iPhone users losing their personal data and money

Examples of smishing texts that try to get you to respond disabling Apple’s protection from links. | Image credit-BeepingComputer

But there is a way for cybercriminals to disable this protection from Apple. The tech giant says that if a user replies to a smishing or phishing message or adds the sender to his contact list, the protection from Apple that disables links in that message or email from an unknown sender will no longer work. That is why security experts have seen an increase in smishing attacks from attackers who try to get targets to respond to their texts so that the links in the text are enabled once again.
BleepingComputer posted examples of smishing attacks with one text using a bogus USPS shipping issue and the other a text about an unpaid road toll. The former asks for a complete address in order to have a package delivered. Who doesn’t like receiving a package? The latter text threatens late fees and possible lawsuits if a toll is not paid. If the target of these messages responds to the texts, the links in each text he responds to are no longer protected as Apple will enable them. As a result, a recipient of a smishing message might accidentally give away some personal data by responding to one and then getting manipulated into tapping on a link.

To trick the iPhone user into responding to the text and disabling the protection, many smishing texts will include a line like this: “Please reply Y, then exit the text message, reopen the text message activation link, or copy the link to Safari browser to open it.” Since many smartphone users have become familiar with the idea of verifying an appointment by typing “Yes,” or just the letter “Y,” the attackers are hoping that the target responds with the “Y” which, as we said, will turn off iMessage’s built-in phishing protection for this text.

What to do if you receive a smishing text

Even if the target doesn’t tap on the now-enabled link, knowing that the target responded to the smishing message lets the attacker know that this target can be tricked into responding to a bogus message. Many of the targets of these smishing attacks are older people who might be more compelled to believe that  a smishing text is legitimate and feel that they must settle up immediately to prevent them from receiving a punishment.

If a message you receive has its links disabled, or if it is from an unknown sender asking you to replay to the text, you should not respond. Your best bet is to call the company that allegedly sent the text and ask then whether they sent you a text message and what task they need you to do.

Source link

0 comment
0
FacebookTwitterPinterestEmail

We at Cyber Techbiz are a Multi-platform publisher of Latest News, Reviews, Articles, Blogs, Guides related to Technology and consumer Electronics globally.

Related Posts

CES sneakily became a great gaming show amid...

Level Up ROAS: Get Your Gaming Growth Guide...

iPhone owners targeted via new Apple Messages scam:...

The capable Nothing Ear with ChatGPT are a...

Firebreak Will Have Lower PC Requirements Than Remedy’s...

Candy Crush Solitaire to launch worldwide on February...

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
Cybertechbiz.com ©2024 - All Right Reserved.
0
Would love your thoughts, please comment.x
()
x