Lawrence Abrams reports:
Cybercriminals are exploiting a trick to turn off Apple iMessage’s built-in phishing protection for a text and trick users into re-enabling disabled phishing links.
With so much of our daily activities done from our mobile devices, whether paying bills, shopping, or communicating with friends and colleagues, threat actors increasingly conduct smishing (SMS phishing) attacks against mobile numbers.
To protect users from such attacks, Apple iMessage automatically disables links in messages received from unknown senders, whether that be an email address or phone number.
However, Apple told BleepingComputer that if a user replies to that message or adds the sender to their contact list, the links will be enabled.
Read more at Bleeping Computer.
“If you receive a message whose links are disabled or from an unknown sender asking you to reply to the text, you are strongly advised not to do so.”