Scammers are running out of ideas when it comes to trying to steal your user data or even bank accounts. This time, they've gone one step further by finding an additional method to endanger users, whom they try to infect through phishing schemes.
The new threat circulating on the mobile network has set off alarm bells among experts. However, keep in mind that it's targeting an iPhone flaw, so in this case, if you have an Android phone, you'll be safe. However, it's not a bad idea to be aware of what's happening, as it could be a threat that could be replicated in other situations.
A dangerous trick
You never know with cybercriminals. If there's a way to discover a security hole or some kind of trick that can compromise phones, it usually doesn't take long to find it. What happened in this case is that hackers were discovered attacking Apple's iMessage tool to scam users. The system is rudimentary, but it has been proven to work. Cybercriminals send users a message, and if they fall for the trick, their phone's phishing protection is removed, exposing them to this serious danger once again.
This is a significant issue, as iMessage's security protects users by disabling links received in messages from users they don't know. Thanks to this system, it doesn't matter whether the message comes from a mobile phone or via email: in all cases, the links are blocked and don't appear in the message. Therefore, if security is disabled, a significant level of risk arises.
How are they deceiving users?
We're starting from the premise we've already mentioned: iMessage's security system protects you from those links that arrive with malicious intent. However, there is a way for them to be displayed. And cybercriminals know this well, so they're trying to get users to follow the instructions to reactivate them. Unfortunately, this happens as simply as replying to the unknown message or adding the contact in question to their address book. In that case, the links will begin to appear. Of course, adding the contact won't be the most common approach, but replying to the message? That's quite possible and dangerous.
For example, what has been seen in some phishing messages is a supposed courier service informing the victim about an attempted delivery of a package. Since it hasn't been delivered, the message asks the victim to click on the link to enter the full address and receive the package. However, upon receiving the message for the first time, the link isn't displayed. Therefore, the cybercriminal's message continues with additional instructions.
What the hacker asks is for the user to reply "Y," as if it were a receipt. They then ask them to exit the message, reopen it, and click the link or copy and paste it into their mobile browser. They promise they'll be able to check the address and then confirm the delivery location so you can receive the package.
In some cases, the response isn't "Y," but rather other words. For example, some people tell the user that if they want to stop receiving messages, they should text the word "Stop." And even if the victim doesn't click the link, the response already indicates to the scammers that there's a certain possibility of continued attacks. As usual, to avoid all of this, we must be very careful and avoid falling into the traps we might encounter.