Phishing texts trick Apple iMessage users into disabling protection

pHackers leak configs and VPN credentials for 15000 FortiGate devicesppNew UEFI Secure Boot flaw exposes systems to bootkits patch nowppMicrosoft January 2025 Patch Tuesday fixes 8 zerodays 159 flawsppFTC orders GoDaddy to fix poor web hosting security practicesppTikTok is back up in the US after Trump says he will extend deadlineppTikTok shuts down in the US as Trump throws the company a lifelineppStar Blizzard hackers abuse WhatsApp to target highvalue diplomatsppCharge up to 5 devices in 190 countries with this travel adapter dealppHow to access the Dark Web using the Tor BrowserppHow to enable Kernelmode Hardwareenforced Stack Protection in Windows 11ppHow to use the Windows Registry EditorppHow to backup and restore the Windows RegistryppHow to start Windows in Safe ModeppHow to remove a Trojan Virus Worm or other MalwareppHow to show hidden files in Windows 7ppHow to see hidden files in WindowsppRemove the Theonlinesearchcom Search RedirectppRemove the Smartwebfindercom Search RedirectppHow to remove the PBlock adware browser extensionppRemove the Toksearchesxyz Search RedirectppRemove Security Tool and SecurityTool Uninstall GuideppHow to Remove WinFixer Virtumonde Msevents TrojanvundoppHow to remove Antivirus 2009 Uninstall InstructionsppHow to remove Google Redirects or the TDSS TDL3 or Alureon rootkit using TDSSKillerppLocky Ransomware Information Help Guide and FAQppCryptoLocker Ransomware Information Guide and FAQppCryptorBit and HowDecrypt Information Guide and FAQppCryptoDefense and HowDecrypt Ransomware Information Guide and FAQppQualys BrowserCheckppSTOPDecrypterppAuroraDecrypterppFilesLockerDecrypterppAdwCleanerppComboFixppRKillppJunkware Removal ToolppeLearningppIT Certification CoursesppGear GadgetsppSecurityppBest VPNsppHow to change IP addressppAccess the dark web safelyppBest VPN for YouTubeppppCybercriminals are exploiting a trick to turn off Apple iMessages builtin phishing protection for a text and trick users into reenabling disabled phishing linksppWith so much of our daily activities done from our mobile devices whether paying bills shopping or communicating with friends and colleagues threat actors increasingly conduct smishing SMS phishing attacks against mobile numbersppTo protect users from such attacks Apple iMessage automatically disables links in messages received from unknown senders whether that be an email address or phone numberppHowever Apple told BleepingComputer that if a user replies to that message or adds the sender to their contact list the links will be enabledppOver the past couple of months BleepingComputer has seen a surge in smishing attacks that attempt to trick users into replying to a text so that links are enabled againppAs you can see below a fake USPS shipping issue and a fake unpaid road toll text were sent from unknown senders and iMessage automatically disabled the linksppWhile neither of these phishing lures is new we noticed that these smishing texts and others seen recently ask users to reply with Y to enable the linkppPlease reply Y then exit the text message reopen the text message activation link or copy the link to Safari browser to open it reads the smishing messagesppFurther research shows this tactic has been used over the past year with a surge since the summerppAs users have become used to typing STOP Yes or NO to confirm appointments or opt out of text messages the threat actors are hoping this familiar act will lead the text recipient to reply to the text and enable the linksppDoing so will enable the links again and turn off iMessages builtin phishing protection for this textppEven if a user doesnt click on the nowenabled link the act of replying tells the threat actor that they now have a target that responds to phishing texts making them a bigger targetppWhile most of our regular readers will be able to spot that these are phishing attacks BleepingComputer was shown one of the above texts by an older family friend who was unsure if it was legitimateppUnfortunately these types of people are commonly the target of these types of phishing messages leading them to enter their personal information credit card information or other details that the attackers then stealppIf you receive a message whose links are disabled or from an unknown sender asking you to reply to the text you are strongly advised not to do soppInstead contact the company or organization directly to verify the text and ask if there is anything else you need to doppStar Blizzard hackers abuse WhatsApp to target highvalue diplomatsppHackers use Google Search ads to steal Google Ads accountsppMicrosoft macOS bug lets hackers install malicious kernel driversppBanshee stealer evades detection using Apple XProtect encryption algoppCriminal IP Bringing RealTime Phishing Detection to Microsoft OutlookppNot a member yet Register NowppMicrosoft starts force upgrading Windows 11 22H2 23H3 devicesppMalicious PyPi package steals Discord auth tokens from devsppFTC cracks down on Genshin Impact gacha loot box practicesppSave IT time with selfservice password resetsppProtecting Against Malicious Browser Extensions The Complete GuideppCriminal IP RealTime Phishing Protection for Outlook UsersppPassword healthcheck overdue Audit your Active Directory for freeppGenerative AI An MFA Game Changer for Security and Hacker StrategyppTerms of Use Privacy Policy Ethics Statement Affiliate DisclosureppCopyright 2003 2025 Bleeping Computer LLC All Rights ReservedppNot a member yet Register NowppRead our posting guidelinese to learn what content is prohibitedp