Short Message Service (SMS) is a text messaging service that is used by mobile devices (usually cellphones) to exchange short text messages between each other.
What causes this exploit is how Apple iOS implements User Data Header (UDH) of the text messaging service, which allows the phone number the text is suppose to be sent from, to be changed to another number.
A scammer can use this exploit to send a message to his victim with a link to a phishing (malicious) website and change the telephone number the text is being sent from, to the victim's bank or other trusted institutions telephone number.
Phishing is an attempt to acquire information such as usernames, passwords, credit card and personal information by impersonating legitimate websites.
The victim will click on the link not knowning it goes to a malicious website and trusting it is safe because the text message appeared to have came from their bank or another trusted institution.
After clicking on the malicious link, the victim maybe taken to the phishing website and ask to enter their username, password, credit card and personal information. If the victim enters his/her information, it will be sent to the scammers behind this exploit which will be use to defraud the victim.
This technique of changing the phone number that a text message is being sent from, is called SMS spoofing. Your computer's IP address, cellphone number and email address can also be spoofed.
Please be careful when clicking on links in a text or e-mail message. Ensure that your address bar has the correct website address.
For example, if you are asked to login to your hotmail account, ensure that the address bar has the address live.com and no other addresses.
Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search
Note: Some of the information in samples on this website may have been impersonated or spoofed.
Comments, Questions, Answers, or Reviews
To protect your privacy, please do not post or remove sensitive information in or from your comments, questions, or reviews. NB: We will use your IP address to display your approximate location to other users when you make a post. That location is not enough to find you.
Your comment, answer, or review will be set as anonymous because you are not signed in. An anonymous comment, answer, or review cannot be edited or deleted, therefore, review it carefully before posting. Sign-in.
Write Your Comment, Question, Answer, or Review