Hackers are using iPhone farms to send scams via iMessage


Summary: Lucid, a new phishing-as-a-service platform from China, is being used by hackers to send more than 100,000 scam iMessages per day to iPhone users. The platform is using iMessages to bypass Apple’s spam and scam filters. Threat actors are using temporary Apple IDs in massive iPhone farms.

Earlier this year, a report suggested that scammers found a way to target Apple iPhone users by sending fake messages via iMessage. Threat actors were using Apple’s encrypted messaging app to send scam messages containing phishing links. Now, a report by the security research firm Catalyst suggests that hackers are using massive iPhone farms to send thousands of scam iMessages every day.

Hackers using phishing-as-a-service platforms to send scam iMessages to iPhone users

Threat actors can now sign up for phishing-as-a-service platforms (PhAAS) to attack iPhone and Android phone users. A new PhAAS called Lucid from China provides iPhone farms—banks of devices equipped with rotating temporary Apple IDs—that send over 100,000 scam iMessages every day.

Using the service, hackers can bypass spam and scam filters implemented by Apple and mobile carriers. Since the iMessage app encrypts messages, telecom operators and even Apple cannot access their contents. As a result, the scam messages remain undetectable and unblockable. Lucid stands out as one of the sophisticated PhAAS platforms run by Chinese-speaking threat actors. According to the report, the service targets 169 entities across 88 countries.

Apart from iMessage, Lucid also leverages Android’s RCS (Rich Communication Services) technology to bypass traditional SMS spam filters. This significantly increases the delivery and success rates of phishing attacks. The group behind Lucid even offers templates that scammers can use to make convincing-looking replicas of legitimate websites.

Ways to protect yourself from scammer attacks

Some iPhone users may feel safe when getting an iMessage because of Apple’s security measures. However, the scammers are taking advantage of this “psychological vulnerability” as a social engineering method. One of the best ways to protect yourself from scammer attacks is by never opening a link you get in text messages. Always check the URL if you absolutely need to open a link.

Also, always carefully read the message, and if you notice poor writing, typos, misspellings, or bad grammar that makes it feel automated, don’t trust it. It is also advisable to install the iOS security patches as soon as Apple releases them.

2025-04-02 15:04:37
