Surge in Hackers Targeting Apple iMessage Users with Phishing Attacks| Enterprise Tech News EM360Tech

Image Credit: keBu.Medien | Adobe Stock

Since the summer of 2023, a surge in hackers targeting Apple users in phishing attacks has been observed.

While Apple iMessage has a highly secure built-in feature to protect users from phishing attempts, cybercriminals have managed to disable this protection.

These threat actors have been allegedly exploiting Apple iMessage users into responding to a text message or adding the sending to their contact list. This re-enables the disabled phishing links as a result, breaking protection.

‘Smishing Surge’ in Apple iMessage

SMS phishing attacks, also referred to as smishing have been experiencing a surge in the past few months.

Bleeping Computer reported that it has seen a surge in smishing attacks attempting to trick users into replying to a text so that links are enabled again.

Apple told Bleeping Computer that if a user replies to that message or adds the sender to their contact list, the links will be enabled.

Alluding to an example, the media organisation explained that a fake USPS shipping issue and a fake unpaid road toll text were sent from unknown senders, and iMessage automatically disabled the links.

Also Read: Apple Confirms macOS Targeted in Zero-Day Vulnerability Cyber Attacks

Cybercriminals Exploiting User Reply Feature

When users were asked to respond with the letter “Y”, and they did, it enabled the link.

“Please reply Y, then exit the text message, reopen the text message activation link, or copy the link to Safari browser to open it," a smishing message stated.

Users have become accustomed to responding to official messages with “Yes,” “No,” or “Stop,” for instance to confirm or cancel appointments. Cybercriminals have exploited this action by tricking users into responding, posing as someone the user might likely reply to.

As a result of the surge in SMS phishing, Apple is encouraging user vigilance and emphasising the importance of only responding to texts from known contacts.

By default, Apple iMessage automatically disables links in messages from unknown senders, regardless of whether they are sent from an email address or phone number.

“While neither of these phishing lures is new, we noticed that these smishing texts, and others seen recently, ask users to reply with "Y" to enable the link,” stated Bleeping Computer.

Also Read: Apple Sounds Alarm Over iPhone Mercenary Spyware Attacks

UK Aims to Become AI ‘World Leader’ Following AI Opportunities Action Plan

How Luxonis Helps Enterprises Scale Vision AI Models | Interview With Bradley Dillon, CEO

Offline AI Helps Businesses Tackle Unpredictable Environments, Says Vivoka CPO

What are Small Language Models (SLMs)? When to Use Them Over LLMs?

Rethinking Real-Time Analytics: Building the Foundation for Real-Time AI

AI and Big Data Expo Global Countdown: Less than 4 weeks to go!

What Is Data Augmentation? Techniques and Benefits Explored

What Is Demand Forecasting? Smarter Business Decisions Aligned to Customer Needs

IoT Tech Expo Global 2025: Four Weeks to Go

Episode 7 - Balancing the Scales: Citizen Developers and Centralised Orchestration

How to Strengthen Cybersecurity with Cloud Innovation

What is the Willow Quantum Computing Chip by Google?

Top 10 Best Colocation Data Centres

What Is Inventory Optimisation? Definition and Strategies for Success

Fiplana from insightsoftware: Optimize Enterprise Planning

Power ON from insightsoftware: Supercharge Power BI With Planning and Write-Back

Surge in Hackers Targeting Apple iMessage Users with Phishing Attacks

Major Proton Outage Disrupts Proton Mail and Calendar Services

​BayMark Health Services Data Breach Hits Substance Use Patients

Green Bay Packers Data Breach Risks Credit Card Data of 8.5K Customers

What is Net Neutrality? The Battle for an Open Internet

Episode 6 - Automation Excellence in 2025: What Should Be On Your Radar?

The Human Touch: Technological Innovation in Modern Business

Elon Musk's ‘X’ Rival, Bluesky is Taking Off, What is it?

Surge in Hackers Targeting Apple iMessage Users with Phishing Attacks

UK Aims to Become AI ‘World Leader’ Following AI Opportunities Action Plan

Major Proton Outage Disrupts Proton Mail and Calendar Services

​BayMark Health Services Data Breach Hits Substance Use Patients

Rethinking Real-Time Analytics: Building the Foundation for Real-Time AI

The AI Shift: Transforming Roles and Securing IT Systems

Supply Chain Survival: How to Dodge Disasters and Stay Ahead of the Curve

Code Less, Build More: The AI Future of Low-Code Development

Top 10 Best Colocation Data Centres

Top 10 AI Audio Generators

Top 10 Supply Chain Attacks: What You Need to Know

Top 10 Cloud Security Posture Management (CSPM) Tools

Omada: Navigating the Evolving Compliance Landscape

Omada: NIS2 Directive Explained - Your Guide to Compliance and Security

Fiplana from insightsoftware: Optimize Enterprise Planning

Power ON from insightsoftware: Supercharge Power BI With Planning and Write-Back

IoT Tech Expo Global 2025: Four Weeks to Go

AI and Big Data Expo Global Countdown: Less than 4 weeks to go!

Shaping the Future: The AI Summit New York 2024

AI and Big Data Expo Global adds a host of leading industry experts to the agenda

Meet The Analyst - Ann Emery

Meet the Analyst: Debbie Reynolds

Exploring AI Integration in Contact Centers: Insights from DTXUCX 2024

"AI is Less of a Focus this Year" | Mike Plested @ DTXUCX 2024

‘Smishing Surge’ in Apple iMessage

Cybercriminals Exploiting User Reply Feature

More from Shubhangi Dua

Shubhangi Dua

Recommended for you

UK Aims to Become AI ‘World Leader’ Following AI Opportunities Action Plan

BayMark Health Services Data Breach Hits Substance Use Patients

BayMark Health Services Data Breach Hits Substance Use Patients