Scammers have a new phishing trick for iPhone users – here’s how to avoid falling victim

  • Scammers have a new trick up their sleeves, and are using it on iPhone users
  • They tell you to reply to their texts, which disables Apple’s scam protection
  • Thankfully, there are a few ways you can stay safe

Apple has built several scam-protection tools into iOS, one of which disables links in SMS messages if the text comes from an unknown number. However, it looks like scammers have found a way to bypass these defenses and send you dangerous links, despite Apple’s best efforts.

As noted by Bleeping Computer, links are re-enabled if you reply to a message from an unknown source, as Apple assumes that replying means you trust the sender enough to also trust the URLs they’ve included.

However, scammers have latched onto this by instructing their victims to reply to their message, then click the re-enabled links. For instance, one scam message seen by Bleeping Computer contained a phishing link (which had been disabled), with the following text underneath it:

“Please reply Y, then exit the text message, reopen the text message activation link, or copy the link to Safari browser to open it.”

The idea seems to be that people are so used to replying to automated texts with things like 'YES' and 'NO' that they will automatically do the same with the phishing messages, thereby enabling potentially dangerous links to work again.
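As an added illustration (not part of the original article, and not Apple's or Bleeping Computer's code), here is a small triage heuristic a mail or SMS filtering team could use to flag the lure described above: a link from an unknown sender combined with an instruction to reply and then reopen or copy the link. The regular expressions, verdict names and sample messages are constructed assumptions, and the URLs are placeholders.

```python
import re

# Constructed patterns for this example (assumptions, not an official rule set).
URL_RE = re.compile(r"(?:https?://|www\.)\S+", re.I)
REPLY_RE = re.compile(r"\b(?:reply|respond)\b\W+(?:with\s+)?[\"']?(?:y|yes|1|ok)\b", re.I)
REOPEN_RE = re.compile(
    r"\b(?:re-?open|exit)\b[^.\n]{0,40}\b(?:text|message|link)\b"
    r"|\bcopy\b[^.\n]{0,40}\b(?:safari|browser)\b",
    re.I,
)

def classify_sms(text, sender_known):
    """Return (verdict, reasons) for one SMS body.

    The heuristic only looks at unknown senders, because that is the case
    where iOS disables links until the user replies.
    """
    if sender_known:
        return "sender_known", []
    if not URL_RE.search(text):
        return "no_indicator", []
    reasons = ["link from unknown sender"]
    if REPLY_RE.search(text):
        reasons.append("asks for a reply")
    if REOPEN_RE.search(text):
        reasons.append("asks to reopen or copy the link")
    verdict = "reply_to_enable_lure" if len(reasons) > 1 else "link_from_unknown_sender"
    return verdict, reasons

# Constructed sample messages; the first reuses the wording quoted in the article.
SAMPLES = [
    ("Your parcel is on hold: https://example.invalid/track "
     "Please reply Y, then exit the text message, reopen the text message "
     "activation link, or copy the link to Safari browser to open it.", False),
    ("Reply YES to confirm your appointment on Friday.", False),
    ("Sale now on: www.example.invalid/sale", False),
    ("Running late, see https://example.invalid/map", True),
]

def triage(samples):
    """Classify a batch of (text, sender_known) pairs and return the verdicts."""
    return [classify_sms(text, known)[0] for text, known in samples]

if __name__ == "__main__":
    for (text, known), verdict in zip(SAMPLES, triage(SAMPLES)):
        print(f"{verdict:26} {text[:50]}")
```

A reply request with no link (the second sample) is left alone, since ordinary automated texts use the same wording; it is the combination with a disabled link that marks the lure.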

How to stay safe

If you receive an unexpected message from an unknown source and see that the text contains links, do not reply to it. Doing so will make the links live again, but simply ignoring the text (and reporting it as spam) will ensure you can’t fall victim to it.

If you aren’t sure whether a message is genuine or not, the advice remains the same: do not reply to it. Instead, contact the company directly using its official channels. This will put you in touch with a legitimate employee who will be able to tell you whether the message you received is trustworthy or not.

Even if you don’t click any suspicious links in the text, simply replying to the message will signal to the scammer that your number is active and that you are willing to engage with phishing messages, making you an inviting target.

It’s better to be safe than sorry in these situations. If you’ve been sent a text you weren’t expecting from a sender that claims to be an official source, it’s best to be cautious rather than take any unnecessary risks. If in doubt, simply report it and don't interact with it.

Alex Blake
Freelance Contributor

Alex Blake has been fooling around with computers since the early 1990s, and since that time he's learned a thing or two about tech. No more than two things, though. That's all his brain can hold. As well as TechRadar, Alex writes for iMore, Digital Trends and Creative Bloq, among others. He was previously commissioning editor at MacFormat magazine. That means he mostly covers the world of Apple and its latest products, but also Windows, computer peripherals, mobile apps, and much more beyond. When not writing, you can find him hiking the English countryside and gaming on his PC.