A simple bit of text allows spammers to force your iPhone to call a malicious number. The trick uses what’s known as a web handler, which is a bit of text that gets interpreted into a command. Using the “tel” web handler, spammers can force your phone to call a number as soon as you view the message. This type of scam is profitable for spammers, as calling a premium phone number could automatically charge your phone bill.
These types of attacks are nothing new; In 2012, Samsung phones were affected by a similar vulnerability that allowed someone to trigger a factory reset of a phone using a line of text in the dialer.
Apple isn’t the only one to blame for this vulnerability. App developers can and should be including protection against these types of hacks by warning users with a prompt. Apple could build a dialog system into iOS as well.
In the meantime, do not open messages from people you don’t recognize.
Source: Algorithm.dk
Via: Engadget
Related Stories
Sony Entertainment Network and Battle.net back online after DDoS attack
‘Anonymous’ social networks like Secret fail to provide anonymity
The Windows Store is full of fraudulent apps and Microsoft doesn’t care
Google Chrome blocks software designed to trick you
Adobe releases critical patches for Flash Player, Acrobat and Reader
Follow Lewis on Twitter: @lewisleong