Encrypted iMessages Becoming New Front for Phishing Attacks, Thanks to iPhone Farms
A new study by security researchers describes how iPhone farms
are sending nearly 100,000 scam iMessages every single day.
These farms are banks of devices filled with rotating temporary Apple IDs.
Instead of SMS texts, they send iMessages so scammers can bypass any
spam filters that might be in place on the user’s device. Moreover,
these scammers don’t need any special skills to carry out such attacks
in the first place. You can think of the farm operators as companies
providing Phishing-as-a-Service (PhaaS), which is a special kind of
phishing attack.
Most of the scams taking place today involve false demands
for things like traffic toll fees or shipping fees for packages arriving
at customs. There are also fake warnings about unpaid taxes.
The majority of the scams are rolled out through email and
texts, and a familiar cat-and-mouse game then follows from one
criminal to the next. Mobile carriers also step in, trying to alert
users to suspicious messages or to block them altogether.
The news comes to us from researchers at Catalyst,
who say that scammers are switching to iMessage because its messages
are encrypted. Networks cannot see the content, so the messages are
never blocked or flagged.
What makes the whole situation so much worse is that
one platform from China is offering iPhone farms for sale that people
can use by paying. One example is Lucid, which is operated
by threat actors from China. They target 169 entities across 88
different nations around the globe.
It’s all very scalable, and
the subscription-based design enables cybercriminals to carry out
large-scale phishing attempts. These can harvest sensitive details like
credit cards for purposes like financial fraud. To avoid being caught, it
makes use of Android RCS and Apple’s iMessage to gain more support and
acceptance. This bypasses classic spam filters and also
improves delivery and success rates.
Some scammers go
as far as producing convincing look-alike pages for
organizations, such as a courier service, that seem real. One group
called the XinXin group was seen putting phishing templates on sale.
These are created to copy postal services, tax refunds, and even road
toll fee systems.
There’s even a group on Telegram that sells
PhaaS attacks and has up to 2,000 different members. Experts warn
never to click on phishing links seen in emails. No matter how
much you might be tempted to do so, it’s better to use personal
bookmarks or enter a known URL.
It’s simple to make emails or
texts appear as though they came from real companies, so we feel
trusting anyone online is never advisable. If a message asks for
quick acceptance or pushes you to act immediately to avoid a fee,
something is wrong for sure.
