Fake websites have security seals plastered on them

Jul 16, 2014 08:11 GMT

An SMS spam campaign carried out through Apple’s iMessage service has been discovered to target residents in New York City (NYC).

Researchers at Cloudmark, a San Francisco-based company specializing in protection solutions against malicious actions delivered via email, found that 47% of all the spam recorded in NYC in the past two months had been sent through a specific malicious campaign.

The threat actors promote websites with fake products from world-famous brands, such as Louis Vuitton, Hermes, Gucci, Prada, Celine, Oakley and Ray Ban Sunglasses, Michael Kors, and Tiffany & Co Jewelry.

The lure is targeting iPhone users, as it reaches the potential victim via the iMessage IM service from Apple, which works on iOS 5 and later. This means that all the latest iPhone devices are affected by the spam campaign.

iMessage is an over-the-top (OTT) service that allows sending messages over WiFi connections, and it is transparently layered over the SMS inbox. A user can easily mistake it for the actual short message service provided by the mobile phone carriers, because the only interface difference is the color of the chat boxes.

Given these features, spammers can easily send a massive number of messages for small fees, while the user can be tricked into believing that the info is delivered as an actual SMS, which is generally more trusted, greatly improving the success rate of the scam.

“One of the primary mechanisms preventing rampant abuse of SMS spam in the US from abroad is expensive fees for sending international SMS texts. It’s for this reason that we owe this knock-off designer spam,” explains Tom Landesman in a blog post.

Cloudmark telemetry showed that “Oakley and Ray Ban sunglasses were by far the most common among them, probably because it is summertime.”

The researchers say that, in this case, 59% of the spam can be attributed to different Chinese emails and domains. They could not confirm whether these locations have been compromised or have been set up by the perps themselves.

However, the authenticity of the online stores promoted through this campaign is quite shady, as the product images posted are of low quality and appear to have been taken from various online locations.

Landesman recommends that users stay away from offers that appear too good to be true, because they may be used to attract unsuspecting users into a scam.

One example of a website used in this campaign is “sunglassesstore-us.com,” which purported to sell original Oakley products. Luckily, it has been shut down pursuant to a U.S. federal court order, because it sold counterfeit goods.

However, another website, “michaelkorsstore-us.com,” is still alive and promises original products at less than half the price. It even has the McAfee Secure badge and the Trustwave seal for secure connection plastered on it. Needless to say, there is no encryption in place for the communication to this address.