Don't fall for this SMS trick that results in iPhone users losing their personal data and money
Apple's Messaging app features built-in protection from phishing and smishing expeditions. Phishing is when cybercriminals send someone an email that looks like a legitimate letter from a company that the victim does business with. The letter contains a message with an urgent demand that the target do something or face a harsh consequence. The goal is to get the target to turn over sensitive information such as PIN numbers, passwords, and social security numbers, all in order to take over the victim's financial accounts and steal the money in his or her personal accounts.
For example, let's say that you are an AT&T subscriber. You might get an email that looks like a genuine AT&T missive. The letter might say that your account is past due and if you don't make an immediate payment, your wireless account will be suspended. To make the payment, the email might include a link that takes you to a page where you need to fill in your credit card number, expiration date, security code, and your address. Give up all that information and you might find strange charges on your card that you had nothing to do with. And of course, you're going to give out this info because who wants to have their wireless account turned off?
Beware of "smishing" messages which are bogus texts made to look like they came from a firm you do business with
Sometimes these phishing messages are sent as text messages, in which case the attack is called "smishing." Most cybersecurity experts will tell you never to tap on links in emails and texts you receive from senders who are unknown to you. Apple's iMessage platform automatically disables links in messages sent by unknown senders regardless of whether the message was sent via email or text.
Examples of smishing texts that try to get you to respond, disabling Apple's protection from links. | Image credit: BleepingComputer
But there is a way for cybercriminals to disable this protection from Apple. The tech giant says that if a user replies to a smishing or phishing message or adds the sender to his contact list, the protection from Apple that disables links in that message or email from an unknown sender will no longer work. That is why security experts have seen an increase in smishing attacks from attackers who try to get targets to respond to their texts so that the links in the text are enabled once again.
BleepingComputer posted examples of smishing attacks with one text using a bogus USPS shipping issue and the other a text about an unpaid road toll. The former asks for a complete address in order to have a package delivered. Who doesn't like receiving a package? The latter text threatens late fees and possible lawsuits if a toll is not paid. If the target of these messages responds to the texts, the links in each text he responds to are no longer protected as Apple will enable them. As a result, a recipient of a smishing message might accidentally give away some personal data by responding to one and then getting manipulated into tapping on a link.
To trick the iPhone user into responding to the text and disabling the protection, many smishing texts will include a line like this: "Please reply Y, then exit the text message, reopen the text message activation link, or copy the link to Safari browser to open it." Since many smartphone users have become familiar with the idea of verifying an appointment by typing "Yes," or just the letter "Y," the attackers are hoping that the target responds with the "Y" which, as we said, will turn off iMessage's built-in phishing protection for this text.
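As an added example (not from the article, BleepingComputer, or Apple), the lure described above can be flagged with a simple heuristic: a message from an unknown sender that carries a link and also asks for a "Y" reply or tells the reader to reopen the message. The function name, patterns, verdict labels and sample messages are assumptions constructed for illustration.

```python
import re

# Added example: patterns are assumptions modelled on the lure wording quoted
# in the article; this is not Apple's filtering logic.
URL_RE = re.compile(r"https?://\S+|www\.\S+", re.I)
REPLY_RE = re.compile(r"\b(?:reply|respond)\s+(?:with\s+)?[\"']?(?:y|yes)\b", re.I)
REOPEN_RE = re.compile(
    r"(?:exit|reopen)\s+the\s+(?:text\s+)?message"
    r"|copy\s+(?:the\s+)?link\s+(?:in)?to\s+(?:the\s+)?safari",
    re.I,
)


def triage(body, sender_known):
    """Return (verdict, reasons) for one inbound message."""
    reasons = []
    has_link = bool(URL_RE.search(body))
    if has_link:
        reasons.append("contains a link")
    if REPLY_RE.search(body):
        reasons.append("asks for a Y/Yes reply")
    if REOPEN_RE.search(body):
        reasons.append("tells reader to reopen the message or copy the link")
    if sender_known:
        return "known-sender", reasons   # links are already live for contacts
    if has_link and len(reasons) > 1:
        return "reply-bait", reasons     # link plus a prompt that would enable it
    if has_link:
        return "unknown-link", reasons   # link stays disabled unless the user replies
    return "no-link", reasons            # e.g. a plain appointment confirmation


# Constructed sample messages (example.invalid is a reserved placeholder domain).
LURE = ("USPS: your package is on hold. https://example.invalid/track "
        "Please reply Y, then exit the text message, reopen the text message "
        "activation link, or copy the link to Safari browser to open it.")
APPOINTMENT = "Reply Y to confirm your appointment on Tuesday at 10am."
TOLL = "Your toll is unpaid. Pay now: https://example.invalid/pay"

if __name__ == "__main__":
    for body in (LURE, APPOINTMENT, TOLL):
        verdict, reasons = triage(body, sender_known=False)
        print(f"{verdict:12} {reasons}")
```

The appointment sample shows why the reply prompt alone is not treated as a signal: it only matters when paired with a link from a sender who is not in the contact list.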
What to do if you receive a smishing text
Even if the target doesn't tap on the now-enabled link, knowing that the target responded to the smishing message lets the attacker know that this target can be tricked into responding to a bogus message. Many of the targets of these smishing attacks are older people who might be more compelled to believe that a smishing text is legitimate and feel that they must settle up immediately to prevent them from receiving a punishment.
If a message you receive has its links disabled, or if it is from an unknown sender asking you to reply to the text, you should not respond. Your best bet is to call the company that allegedly sent the text and ask them whether they sent you a text message and what task they need you to do.