iPhone users don’t face nearly as many cyber threats as their Android brethren. But the Apple ecosystem isn’t bulletproof. In fact, the few attack vectors at criminals’ disposal on iOS – SMS and Calendar invites – are widely exploited to steal data and even infect iPhones with malware.
Almost five decades after its inception, the Short Messaging Service (SMS) remains a vital piece of technology. Some still use it as a primary texting hub. Institutions rely on it to communicate with the outside world. And various services use it for multi-factor authentication. But for all its benefits, SMS has many security drawbacks – chief among them: it’s a primary attack vector for scammers.
Data published by the FBI shows that phishing is the most commonly reported threat facing regular citizens today. SMS phishing, or smishing, is, unsurprisingly, a primary avenue for cybercrime on mobile devices.
The most common trickeries involve a fake invoice, a missing parcel, a purported voice message, an overdue bill, a fake warning impersonating your bank or phone operator, an unclaimed prize, and so on. The message typically tries to get recipients to access a tainted link, which sets the wheels in motion for malware infection or to advance the scam through social engineering.
In May of last year, FluBot operators used the fake voice message trick to infect users with their infamous data-stealing malware. In July of this year, scammers used a tried-and-tested SMS scam to steal credit card info and personal details.
Because iOS leaves few avenues for attack, cybercriminals are forced to use the little wiggle room available to them through Calendar invites. Attackers craft tainted invites then spam millions of people, hoping to catch a few in their net. The link usually leads to a phishing page or even actual malware.
A notorious spyware vendor reportedly used this attack vector to target high-profile figures and snoop on their phone calls, read their texts, take pictures through the phone’s camera, track the victim’s location, and more. Pretty scary, right? Especially as iOS is touted as a safe haven from hackers.
Detecting SMS scams or tainted Calendar invites isn’t always easy. Some attacks are crafted to look very convincing, sometimes tricking even a trained pair of eyes. With these scams on the rise, iPhone users are in dire need of an automatic scam-detection mechanism. This week, Bitdefender is proud to offer this new detection mechanism on iOS for the very first time!
Bitdefender is honored to introduce the powerful Scam Alert feature on iOS, delivering a vital new layer of protection for Apple customers.
Available since 2021 on Android, Scam Alert is now baked right into our flagship Mobile Security solution for iOS to automatically scan your incoming texts and calendar invites for scams and malicious links.
Built on a foundation centered on privacy, Bitdefender Mobile Security for iOS will only scan your texts and calendar events for dangerous links, but won’t collect or store any actual content.
In line with Apple’s marketing mantra, this is our most enhanced security for iOS to date. Grab the free app at the link below and take it for a spin today! Ideally, you’ll enable both Scam Alert and Web Protection to tackle the wider palette of threats facing mobile users today.
tags
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.
View all postsDecember 19, 2024
November 14, 2024