More ways for texts to get yucky.
(Credit: CNET)
Yesterday I reported on revelations that iPhones may be particularly vulnerable to an SMS spoofing attack. Basically, because of the way iOS handles text headers, a nasty person could manipulate the "reply-to" number to appear to be someone they're not, like a financial institution.
After a hacker revealed the vulnerability earlier this week, Engadget received this response from Apple on the matter:
Apple takes security very seriously. When using iMessage instead of SMS, addresses are verified which protects against these kinds of spoofing attacks. One of the limitations of SMS is that it allows messages to be sent with spoofed addresses to any phone, so we urge customers to be extremely careful if they're directed to an unknown Web site or address over SMS.
No comments:
Post a Comment