Phishing campaign targeting iPhone users; CSA warns against replying to unknown iMessage senders
Suspicious messages sent by seemingly legitimate sources should be verified through official channels, or the anti-scam hotline at 1799.ST PHOTO: GIN TAY
SINGAPORE - Apple iPhone users should not reply to messages from unknown senders, amid a phishing campaign targeting those who use the tech giant's iMessage app.
The Cyber Security Agency of Singapore (CSA) said in an advisory on Jan 15 that cybercriminals have been sending fraudulent messages to "manipulate users into disabling iMessage's built-in security features".
Seemingly coming from legitimate sources, the messages would instruct people to reply, such as by typing "Y".
Advertisement
Scroll to continue with content
In doing so, iMessage's built-in phishing protection for that message would be disabled, and links from unknown senders become accessible, which leads to cyber-security risks.
These include theft of personal information, installation of malware or spyware, and possible fraud, warned CSA.
It recommended several precautionary measures, chief among them being to ignore messages from unknown senders.
CSA also advised keeping the "Filter Unknown Senders" setting enabled, which can be performed by going to Settings, clicking on Messages, and then Filter Unknown Senders.
Suspicious messages sent by seemingly legitimate sources should be verified through official channels, or the anti-scam hotline at 1799.
CSA added that caution should be exercised when links are being sent through messages regardless of the sender's identity, and suspicious messages should be reported through ScamShield.
Meanwhile, phishing messages that seem to be from Apple should be reported to reportphishing@apple.com, accompanied by a screenshot.
As for those who have already replied to phishing messages, CSA advised blocking the sender and monitoring accounts for suspicious activity.
If banking details or credit card credentials were shared, individuals should inform their bank immediately.
CSA said: "If you observe any suspicious applications installed or installed any applications under instruction, uninstall them immediately," adding that passwords should also be changed, especially if the same one was used for other accounts.
Lastly, the agency said users should lodge a police report if any financial losses were incurred.
"Staying informed and cautious can help protect your personal and financial information," said CSA.
Scammers have continually made use of phishing messages to cheat victims of their money. In December, there had been at least 17 such cases associated with the Land Transport Authority, where more than half of them saw grifters using messaging platforms to con people.
At least $33,000 was lost in that particular scam variant.
- Aqil Hamzah is a journalist covering breaking news at The Straits Times, with interests in crime and technology.
Join ST's WhatsApp Channel and get the latest news and must-reads.
No comments:
Post a Comment