Its a new year, but bad actors are still at it with an old trick repackaged for iPhone users. Bleeping Computer reports a rise in phishing attacks targeting iPhone users that involves tricking them into disabling built-in protections and clicking on malicious links.In an increasing number of cases, text messages appear to come from fake delivery agents posing as service messages from the U.S. Postal Service (USPS). Two Digital Trends contributors have received such sham messages recently in North America.Reddit / Digital TrendsWe have also come across reports of a similar tactic being deployed in other regions, including India, where online frauds are posing as DHL or FedEx employees.Recommended VideosAnyone fancy finding out who kathlyn afaf could be?They are trying to Royal Mail scam people but gone via iMessage so their email address has popped up pic.twitter.com/jr5yPGaA3O Sanny Rudravajhala (@Sanny_Rudra) January 11, 2024Please enable Javascript to view this contentFrom the user posts that we have seen on social forums so far, the tactic has been in use for at least the past couple of years. If you look closely at the samples attached below, you will notice a pattern in the scammy text messages:Please reply Y, then exit the SMS and open it again to activate the link, or copy the link to your Safari browser and open it.Reddit / Digital TrendsThis is a recurring theme, with slight modifications in the language. Reply with a Y looks harmless on the surface, but its a clever way of disabling the built-in phishing protection protocol on iPhones.Apple has created a system for iMessage that automatically blocks links in messages from unknown senders. You can only open those links if you add the sender to your contact list (identifying them as a known contact) or reply to it.Reddit / Digital TrendsWhen you reply to a message, as the fraudulent message asks, iMessage switches the bad actor to a known status. Now, the link is active. Once you tap on it, the URL opens in a browser of your choice.In some cases, the spammy message asks users to copy-paste the URL into the Safari browser. Now, where the link leads remains uncertain. As per a few reports, users are led to a page where they are required to enter their credit card information.Reddit / Digital TrendsIf you receive a text from a supposed mail service, do not reply or click on the link in the message. Start with the senders name or number. If theres a spelling error, or if its a personal number (or iCloud address), its certainly a sham.Also, pay attention to the country code. If its coming from another country, avoid interacting with it at all costs. If you have any active mail assignments, always check the progress or reach out to customer care via the details mentioned on the companys official website.Every time you receive a message from an unknown sender, the iMessage app shows a Report Junk option at the bottom, followed by the delete prompt in the next step. Do keep in mind that you cant report a message after replying to it.@IndiaPostOffice I received this today, I know its some kind of scam as it is asking for 25 rs directly and its sent using iMessage using thus mail id but still I want to confirm this with officials. @Cyberdost pic.twitter.com/4FXX7UZMjT Vikash Gathala (@vikashgathala) May 30, 2024If you havent opened the message yet, simply swipe left on it, select the Bin-shaped red delete icon, and then select Delete and Report Junk. As an added layer of assurance, you can also go ahead and block the sender.A few weeks ago, the governments Cybersecurity and Infrastructure Security Agency (CISA) released a detailed advisory on keeping your phone safe from all kinds of cyberattacks. We compiled the core findings for an average smartphone user, and you should check that out to cultivate safe digital habits this year.Editors Recommendations