Cybercriminals are exploiting a trick to turn off Apple iMessage’s built-in phishing protection for a text and trick users into re-enabling disabled phishing links, according to Bleeping Computer.
The app automatically disables links in messages received from unknown senders, whether that be an email address or phone number. However, Apple told BleepingComputer that if a user replies to that message or adds the sender to their contact list, the links will be enabled.
“If you receive a message whose links are disabled or from an unknown sender asking you to reply to the text, you are strongly advised not to do so,” the report says. “Instead, contact the company or organization directly to verify the text and see if there’s anything else you need to do.”
