Subscribe to RSS Feed

Cloudmark Blog

Intelligence Briefings from the War on Spam

Abusing Apple’s iMessage in the Big Apple


Tue, Jul 15, 2014 by Tom Landesman

Last year we took a look at specific SMS spam trends affecting New York City residents and found an abundance of scams claiming the recipient had won “free” stuff. This year, however, things have gotten a bit more interesting with a wave of Apple iMessage spam that, naturally, only targets iPhone users.

During the past two months, 34 percent of all reported SMS spam in the entire U.S. was from this single campaign advertising various discount sale sites peddling, likely knock-off, designer goods. Brands included Louis Vuitton, Hermes, Gucci, Prada, Celine, Oakley and Ray Ban Sunglasses, Michael Kors, and Tiffany & Co Jewelry. Oakley and Ray Ban sunglasses were by far the most common among them, probably because it is summertime.

rayban

New York City was the fourth most impacted area in the country trailing behind only Los Angeles, San Diego, and Miami. Of all SMS spam reported in NYC during the past two months, 47 percent has been from this single campaign that currently only affects iPhone users.

t5 nyc

It’s interesting to see so many iMessages in the primarily SMS-focused GSMA Spam Reporting Service. On iPhones, iMessage is an over-the-top (OTT) service transparently layered on top of the SMS inbox by Apple to provide a convenient dual-purpose application for messaging. The result makes iMessage relatively indistinguishable from standard SMS texts for many users other a than color difference between chat boxes. The downside to this free integrated OTT messaging is that spammers can send any volume of messages to any iPhone user completely free of charge.

One of the primary mechanisms preventing rampant abuse of SMS spam in the US from abroad is expensive fees for sending international SMS texts. It’s for this reason that we owe this knock-off designer spam. It appears that 59 percent can be directly attributed to various Chinese emails and domains. Whether this is the result of compromised domains and email accounts remains unclear.

What is clear is that the authenticity of these shanty-like online stores for designer bags is very questionable. Names, URLs, and domain registration info all raise red flags. It’s unlikely that a URL like “sunglassesstore-us.com” is a reputable domain. Also, the product images are of noticeably low quality and appear to have been ripped from third-party sites such as eBay. While the lure of a new Michael Kors bag to match your new iPhone case might be enticing, we’d recommend steering clear of any too-good-to-be-true offers that pop up on your phone.

mkors

Tags: , , , , , , , , , ,

44 Responses to “Abusing Apple’s iMessage in the Big Apple”

  1. Beware of This iMessage Spam Campaign Peddling Fake Oakleys | Kronosim Says:

    […] security research firm Cloudmark issued a sweeping warning about iMessage spam this week. Apparently, the cost of straight up sending regular text messages is […]

  2. Beware of This iMessage Spam Campaign Peddling Fake Oakleys | Social Dashboard Says:

    […] security research firm Cloudmark issued a sweeping warning about iMessage spam this week. Apparently, the cost of straight up sending regular text messages is […]

  3. Beware of This iMessage Spam Campaign Peddling Fake Oakleys | POPFIX - Celebrity, Tech, Sports News Says:

    […] security research firm Cloudmark issued a sweeping warning about iMessage spam this week. Apparently, the cost of straight up sending regular text messages is […]

  4. Beware of This iMessage Spam Campaign Peddling Fake Oakleys - Tekoholic Says:

    […] security research firm Cloudmark issued a sweeping warning about iMessage spam this week. Apparently, the cost of straight up sending regular text messages is […]

  5. Beware of This iMessage Spam Campaign Peddling Fake Oakleys | Test myFallacy Says:

    […] security research firm Cloudmark issued a sweeping warning about iMessage spam this week. Apparently, the cost of straight up sending regular text messages is […]

  6. Beware of This iMessage Spam Campaign Peddling Fake Oakleys – Dustyhawk :: Broken Mirror Says:

    […] security research firm Cloudmark issued a sweeping warning about iMessage spam this week. Apparently, the cost of straight up sending regular text messages is […]

  7. Beware of This iMessage Spam Campaign Peddling Fake Oakleys | mcgseattle Says:

    […] security research firm Cloudmark issued a sweeping warning about iMessage spam this week. Apparently, the cost of straight up sending regular text messages is […]

  8. Jorgen Says:

    And on top of that the spammers will also get a verification when the iMessages have been read; won’t they?

    Compiling statistics for their penetration much more easy; becoming even more efficient in their strikes…

  9. Beware of This iMessage Spam Campaign Peddling Fake Oakleys - jpg dictionary : jpg dictionary Says:

    […] security research firm Cloudmark issued a sweeping warning about iMessage spam this week. Apparently, the cost of straight up sending regular text messages is […]

  10. Beware of This iMessage Spam Campaign Peddling Fake Oakleys | The Tech Showdown! Says:

    […] security research firm Cloudmark issued a sweeping warning about iMessage spam this week. Apparently, the cost of straight up sending regular text messages is […]

  11. Beware of This iMessage Spam Campaign Peddling Fake Oakleys | FW VenturesFW Ventures Says:

    […] security research firm Cloudmark issued a sweeping warning about iMessage spam this week. Apparently, the cost of straight up sending regular text messages is […]

  12. Beware Of This iMessage Spam Campaign Peddling Fake Oakleys | Gizmodo Australia Says:

    […] messages via email. You can also forward regular text message spam to 7726 to block the sender. [Cloudmark via […]

  13. Beware of This iMessage Spam Campaign Peddling Fake Oakleys | endlessness Says:

    […] security research firm Cloudmark issued a sweeping warning about iMessage spam this week. Apparently, the cost of straight up sending regular text messages is […]

  14. New iMessage Spam Targets iPhone Users, Here's How To Protect Yourself | Redmond Pie Says:

    […] (source: Cloudmark) […]

  15. Beware of This iMessage Spam Campaign Peddling Fake Oakleys « Robot Insurance Says:

    […] security research firm Cloudmark issued a sweeping warning about iMessage spam this week. Apparently, the cost of straight up sending regular text messages is […]

  16. How To Stop iPhone iMessage Spam Says:

    […] Cloudmark outline some information regarding this new iMessage spam on their blog as […]

  17. Apple: iMessage-Spam in den USA | my-bund.de | Photos, News, Blogs and more Says:

    […] ►Quelle: Cloudmark […]

  18. iMessage-Spam: Neue Welle mit Fake-Webseiten - Apfelpage Says:

    […] Sicherheitsunternehmen Cloudmark warnt aktuell vor einer in den letzten Monaten massiv ausgedehnten Spam-Welle in Apples […]

  19. Beware of This iMessage Spam Campaign Peddling Fake Oakleys | Blog actuales.es Says:

    […] security research firm Cloudmark issued a sweeping warning about iMessage spam this week. Apparently, the cost of straight up sending regular text messages is […]

  20. iMessage: Spam-Welle betrifft derzeit User in USA | iTopnews Says:

    […] herausgefunden wurde, stammen 34 Prozent der Spam-Nachrichten von einer einzigen Welle. Cloudmark empfiehlt, solche Nachrichten keinesfalls zu öffnen und die Versender bei Apple zu melden. Da die Links nur […]

  21. Rash Of SMS Spam Seems To Be Targeting iMessage Users | SEO BACKLINK Says:

    […] you might want to keep an eye out for spam messages. This is according to security research firm, Cloudmark, who revealed that there is a spammer on the loose who has been sending spam iMessages to iOS users […]

  22. Spam Alert! Some Users Receiving iMessage Advertisements from Faux Sunglasses Retailer - iPhone Forums Says:

    […] Via Cloudmark: […]

  23. New iMessage Spam Targets iPhone Users, Here’s How To Protect Yourself | YouHighTech.com Says:

    […] (source: Cloudmark) […]

  24. Apple-Nutzer Opfer von Spam-Welle – iMessage im Visier von Betrügern | 1pic4u Says:

    […] Nutzer, die die Spam-Nachrichten bekommen haben, hätten aber vorgewarnt sein sollen. Besonders professionell sieht “sunglassstore-us.com” nämlich nicht aus, berichtet das Blog “Cloudmark”. […]

  25. Apple-Nutzer Opfer von Spam-Welle – iMessage im Visier von Betrügern | Online Dating Says:

    […] Nutzer, die die Spam-Nachrichten bekommen haben, hätten aber vorgewarnt sein sollen. Besonders professionell sieht “sunglassstore-us.com” nämlich nicht aus, berichtet das Blog “Cloudmark”. […]

  26. Spam-Welle in iMessage | apfellike Says:

    […] [via, via] […]

  27. iMessage-Spam in den USA: New York, Los Angeles und Co. leiden unter gefälschten Apple-SMS | BASIC thinking Says:

    […] to see so many iMessages in the primarily SMS-focused GSMA Spam Reporting Service”, schreibt Cloudmark. In Großstädten ist der Anteil sogar noch höher. Besonders stark betroffen sind Los Angeles, San […]

  28. New iMessage Spam Targets iPhone Users, Here’s How To Protect Yourself - New-techz.com Says:

    […] (source: Cloudmark) […]

  29. Aparece una nueva avalancha de spam a través de iMessage Says:

    […] Vía […]

  30. Beware of This iMessage Spam Campaign Peddling Fake Oakleys | Dudelizious.com Says:

    […] security research firm Cloudmark issued a sweeping warning about iMessage spam this week. Apparently, the cost of straight up sending regular text messages is […]

  31. 30% aller Spam-Nachrichten laufen über iMessage › ApfelBlatt Says:

    […] Apple will dem natürlich entgegen wirken, was allerdings nicht so einfach ist. Man hat aber beispielsweise ein Spam-Reporting Tool am laufen, wo Kunden, die von Spams betroffen sind, Apple mitteilen können, von wem und wann die Nachrichten geschickt wurden. Dazu muss man allerdings sagen, dass das Spamen über iMessage in den USA um einiges weiter voran geschritten ist, als dies in Europa der Fall ist. […]

  32. iMessage is overrun by scammers, but Apple does nothing | ITProPortalITProPortal.com Says:

    […] Landesman, security researcher at Cloudmark, found that in May and June “34 percent of all reported SMS spam in the entire US was from this […]

  33. How To Banish Those Annoying iMessage Spammers Forever (AAPL) | Construction Says:

    […] recent post by AppleInsider dug into the report Wired’s article is based on and searched iPhone message forums for user […]

  34. How To Banish Those Annoying iMessage Spammers Forever (AAPL) | Whitelabel News Says:

    […] recent post by AppleInsider dug into the report Wired’s article is based on and searched iPhone message forums for user […]

  35. How To Banish Those Annoying iMessage Spammers Forever | Bicara Niaga Says:

    […] recent post by AppleInsider dug into the report Wired’s article is based on and searched iPhone message forums for user […]

  36. How To Banish Those Annoying iMessage Spammers Forever (AAPL) | BawlBuster Says:

    […] recent post by AppleInsider dug into the report Wired’s article is based on and searched iPhone message forums for user […]

  37. How To Banish Those Annoying iMessage Spammers Forever (AAPL) | Digital Wealth Says:

    […] recent post by AppleInsider dug into the report Wired's article is based on and searched iPhone message forums for user […]

  38. Report claims iMessage spam on the rise, but little evidence appears in support | The Today Online Says:

    […] mid-July report from internet security firm Cloudmark singled out a campaign — likely run by Chinese spammers […]

  39. How To Banish Those Annoying iMessage Spammers Forever (AAPL) Says:

    […] recent post by AppleInsider dug into the report Wired’s article is based on and searched iPhone message forums for user […]

  40. Is Apple’s iMessage Really Being Overrun By Spammers? Says:

    […] messaging data collected across the U.S., a July report from Cloudmark says more than one-third of all SMS spam over the past year came from a "single campaign" using iMessage and targeting iPhone […]

  41. How To Banish Those Annoying iMessage Spammers Forever (AAPL) - Set Squared Centres Says:

    […] recent post by AppleInsider dug into the report Wired’s article is based on and searched iPhone message forums for user […]

  42. iMessage Spam Shows How Smartphones Are Dumber Than We Think Says:

    […] reported that 34 percent of all reported SMS spam in the U.S. in the previous two months was from a single campaign advertising discounted goods allegedly by — but more than likely knockoffs of — brands […]

  43. Report claims iMessage spam on the rise, but little evidence appears in support | Personal Site Says:

    […] mid-July report from internet security firm Cloudmark singled out a campaign — likely run by Chinese spammers — […]

  44. iMessage-Spam: Neue Welle mit Fake-Webseiten | OSXi Says:

    […] Sicherheitsunternehmen Cloudmark warnt aktuell vor einer in den letzten Monaten massiv ausgedehnten Spam-Welle in Apples […]

Leave a Reply


(will not be published)


Submit Your Comments

* Indicates a required field

Site Map  •  Privacy Policy  •  ©2002–2014 Cloudmark, Inc.