Cloudmark is now part of Proofpoint. Learn More

About Proofpoint

Abusing Apple’s iMessage in the Big Apple

Last year we took a look at specific SMS spam trends affecting New York City residents and found an abundance of scams claiming the recipient had won “free” stuff. This year, however, things have gotten a bit more interesting with a wave of Apple iMessage spam that, naturally, only targets iPhone users.

During the past two months, 34 percent of all reported SMS spam in the entire U.S. was from this single campaign advertising various discount sale sites peddling, likely knock-off, designer goods. Brands included Louis Vuitton, Hermes, Gucci, Prada, Celine, Oakley and Ray Ban Sunglasses, Michael Kors, and Tiffany & Co Jewelry. Oakley and Ray Ban sunglasses were by far the most common among them, probably because it is summertime.


New York City was the fourth most impacted area in the country trailing behind only Los Angeles, San Diego, and Miami. Of all SMS spam reported in NYC during the past two months, 47 percent has been from this single campaign that currently only affects iPhone users.

t5 nyc

It’s interesting to see so many iMessages in the primarily SMS-focused GSMA Spam Reporting Service. On iPhones, iMessage is an over-the-top (OTT) service transparently layered on top of the SMS inbox by Apple to provide a convenient dual-purpose application for messaging. The result makes iMessage relatively indistinguishable from standard SMS texts for many users other a than color difference between chat boxes. The downside to this free integrated OTT messaging is that spammers can send any volume of messages to any iPhone user completely free of charge.

One of the primary mechanisms preventing rampant abuse of SMS spam in the US from abroad is expensive fees for sending international SMS texts. It’s for this reason that we owe this knock-off designer spam. It appears that 59 percent can be directly attributed to various Chinese emails and domains. Whether this is the result of compromised domains and email accounts remains unclear.

What is clear is that the authenticity of these shanty-like online stores for designer bags is very questionable. Names, URLs, and domain registration info all raise red flags. It’s unlikely that a URL like “” is a reputable domain. Also, the product images are of noticeably low quality and appear to have been ripped from third-party sites such as eBay. While the lure of a new Michael Kors bag to match your new iPhone case might be enticing, we’d recommend steering clear of any too-good-to-be-true offers that pop up on your phone.


47 thoughts on “Abusing Apple’s iMessage in the Big Apple”

  1. And on top of that the spammers will also get a verification when the iMessages have been read; won’t they?

    Compiling statistics for their penetration much more easy; becoming even more efficient in their strikes…

Leave a Reply

Your email address will not be published. Required fields are marked

Learn More About Cloudmark
Our Products
News and Events
Site Map  •  Privacy Policy  •  ©2002–2019 Cloudmark, Inc.