Security researchers have uncovered a new way scammers are spreading phishing messages on a massive scale. They are using so-called iPhone farms, networks of hundreds of iPhones equipped with temporary Apple ID, which allow sending over 100 thousand fraudulent iMessage daily. Thanks to the encryption of these messages, they also manage to bypass traditional anti-spam filters of mobile operators. The messages are disguised as calls for payment of tolls, additional payment for the delivery of a package, or a warning about alleged tax arrears. The goal is to get the recipient of this message to click on a fraudulent link and fill in their personal or payment details.
You could be interested in
Security firm Catalyst has discovered that the entire system is being run by a Chinese-speaking group that runs the Lucid platform. It operates as a Phishing-as-a-Service. For a subscription fee, it also offers complete templates for fraudulent websites that imitate the websites of carriers, post offices, and tax offices. The messages are spread not only through iMessage, but also via RCS on Android, which significantly increases the likelihood of their delivery. One of the Telegram groups that promotes these services has over 2 thousand members. Protection is simple. Never click on links, even if they look trustworthy. It is better to write the addresses yourself or use bookmarks. Only trust messages that you can verify in another way. And beware of those that force you to act quickly under threat of a fine or other sanction.
Especially since they have their own closed ecosystem 🤦♂️ But what, they'll give it to everyone and they'll still explain to us what the benefit is 🙉