iMessage spam is real: here is what you can do about it

By , Aug 19, 2014

iMessage spam

iMessage spam accounts for 30% of all mobile spam messages, according to security researcher Tom Landesman. This is part of a growing trend that started in the recent months where spammers collect phone numbers or email addresses linked to iMessage to send Apple users unsolicited messages in the hope they would click on links and purchase whatever the spammers are trying to sell.

According to Wired, who cites Landesman, setting up such a spamming campaign can be as easy as collecting email addresses and phone numbers from around the web, and use AppleScript to write a few lines of codes and automate the mass iMessage spamming.

In this post, we’ll share a few tips about how you can protect yourself from iMessage spam.

Block the sender

The first thing you want to do when receiving unsolicited messages is to block the sender. The ability to block someone is a recently new feature as it was introduced along with iOS 7 in 2013. We previously went over how to block someone from contacting you. Whether it is a phone call, message, or FaceTime call, iOS gives you the option to make sure this person can never contact you again.

Step 1: In the Messages app, select the spammy message conversation.

Step 2: Tap “Contact” in the upper right corner of the screen.

Step 3: Tap the “i” icon directly under the Done button.

Step 4: Scroll down and tap “Block this Caller.”

The sender will still be able to send messages, but these messages will never make their way to you.

The downside of this method is that spammers use multiple email addresses to send their messages from, which means that they’ll probably still be able to contact you from a different email address if they want to.

Show alerts from your contacts only

If blocking the sender didn’t work for you, you can start taking more drastic measures by allowing notifications from contacts that are in your address book only. By following these steps, you will make sure that you will only get notifications from the people that are in your address book.

Step 1: Go to Settings > Notification Center.

Step 2: Scroll down and select the Messages tab.

Step 3: Scroll down and select Show Alerts from My Contacts.

There are two downsides to this method. First, you will still receive those spam messages. Your phone won’t ring or show any notification, but every message will still be logged in your Messages app. The second downside is that if someone who’s not in your address book sends you a text message, you might miss it, or at least take a while to realize you received a message from a legit person.

Report to Apple

Back in July of last year, Apple introduced a way to report spam messages directly to them. Admittedly, this is a very cumbersome way to report spam, and Apple should definitely find a better way, but here are the steps you should follow:

Send an email to imessage.spam@iCloud.com including:

  • A screenshot of the spammy message
  • The email address or phone number of the spammer
  • The date and time the spam message was received

The downside is obviously that it’s a painful process. According to the Wired article referenced above, it takes Apple several days to act on those spam reports, really questioning the efficiency of this process.

Turn off iMessage

Drastic times call for drastic measures… If you’re Messages app is overflowing with spam iMessages, maybe you should consider turning off iMessage altogether and rely exclusively on SMS to send messages to friends and family.

You can turn off iMessage by going to Settings > Messages > and turn iMessage off.

This will prevent you from sending iMessages over cellular or Wi-Fi, but at least you won’t be receiving spam anymore.

As you can see, there is no real guaranteed way to prevent you from receiving iMessage spam, unless you want to go thermonuclear and turn off iMessage altogether. Hopefully, Apple will work on putting better systems in place that will flag and block spammers, or at least allow you to report spam in a more efficient way.

Photo: Casey Morell

  • Share:
  • Follow:
  • hdofu

    I recommend iblacklist be your spam be iMessage or phone calls

  • http://www.eazycomputers.com/ PhoneTechJay

    While I’ve never came across this I do appreciate the tip. There a lot of people who still don’t know about the block list. If jailbroken iBlacklist is much better.

  • Ratoo

    So, what bother Chinese iPhone users for more than 2 years finally invade here. And Apple isn’t building a cloud based SMS filter like a mail spam filter is painful for this.

    Facts and tips:
    1. Blocking is useless, they have tons of mail address/Apple ID.
    2. The simplest way to avoid this is stop using phone numbers as iMessage ID, (If you don’t use Kuaiyong/25pp etc. which collect user’s Apple ID and you deserve these spams) that could be inconvenient, but better than other options. (For me, if a contact only know my number, I would rather be a green bubble anyway.)
    3. Apple is not sitting this, They block the iPod touchs spammers are using constantly. (It’s not actually come from Mac+AppleScript)

  • Satrop 

    I have been hit by this and very similar iMessgae spams. Each time I report and black list the email addie that they come from, but each time its a new email address.

  • http://facebook.com/lodigabriel Gabriel Lodi

    Well, at least here in Brazil I never had this problem.
    And It’s a fact that this comes from China.
    It has to be, always, chineses.
    For real, this tecnology is a fact for them FOR YEARS! But they still continue with this crappy spam and trying to make us install programs that we don’t use.
    Just see Baidu Antivirus and HAO123.
    This needs to regulated there! It’s causing problems in every country in the world.

  • jack

    so real I’ve never seen it nor know anyone who’s seen it..

  • http://facebook.com/lodigabriel Gabriel Lodi

    I do believe this is happening, mainly, to people who has jailbroken devices.
    Since that jailbreak tool that came with that chinese “App Store”, I didn’t jailbreak my devices, and I won’t do it for a long time.
    I don’t trust Pangu team as I used to trust iPhone Dev Team, Geohot and other great people who didn’t had intention$, just wanted to help.

    • http://www.idownloadblog.com Sebastien

      These are some strong assumptions. I think Pangu has been under enough scrutiny from the security community to the point where it’s very safe to say this tool is 100% safe.

      • http://facebook.com/lodigabriel Gabriel Lodi

        I’m saying Pangu ’cause it’s the latest team to release a tool.
        But it’s not a secret that the jailbreak community has changed a lot. Since that competition to see what team would release a jailbreak tool to iOS 7 first, became obvious that help the community and the pleasure of hacking are not the most important thing.
        I don’t remember hearing about malwares on jailbroken devices when I had jailbroken devices using JailbreakMe and Geohot’s ra1n tools. At least not as much as I hear now.
        Of course, this is our fault. We were always b***hing about how long would a jailbreak tool take to be released and not always giving the right recognition to the guys who werw doing that for free and for fun.
        I said it and I repeat it, It’s not hard to get an Apple ID from a jailbroken device. Maybe any of those Touch ID tweaks can do it, put then on a list and sell to some chinese website that sells fake produts.
        Since that TaiG thing, I don’t jailbreak any of my devices and, despite missing BiteSMS, I’m not missing it.

      • Kr00

        Umm, no, its not easy to get an Apple ID from a jailbroken device. All that information is encrypted on the device and on Apple servers. If you know of how easy it is done, please provide the details or a tutorial.

      • http://facebook.com/lodigabriel Gabriel Lodi

        You mean the passwords, right?
        An Apple ID email is piece of cake for any talented hacker. And that’s exactly what spammers wants.

      • Kr00

        What the hell are you talking about? Do you know what you’re talking about?

        You still haven’t proved how its done, If its a “piece of cake”, why don’t we hear of massive hacking attacks?

        You seem to think you know what you’re talking about but have absolutely no idea, just a belief. Again, if it a piece of cake, tell us how.

        You can’t just claim something without proof. And before you try to throw more BS at me, I’m a programmer of over 28 years, so I do know what I’m talking about. I await your explanation of such ease of hacking.

    • http://www.eazycomputers.com/ PhoneTechJay

      My 5S has been jailbroken since the release of pangu and redone after each update, I have not received any of these spam messages. Nor has the countless other devices I have jailbroken with pangu. It comes down to there Apple ID since these are sent via iMessage if ‘m not mistaken…

      • http://facebook.com/lodigabriel Gabriel Lodi

        An Apple ID might not be the hardest thing to get from a jailbroken device.

      • http://www.eazycomputers.com/ PhoneTechJay

        Pretty sure it is not hard at all but I doubt those devices are sent spam because they chose to jailbreak them either. For example the one in the photo doesn’t look jailbroken at all.

  • Rupinder S

    Not jailbroke. Got this message, reported it to Apple within 5 minutes, never received another one.

  • Drake Miller

    I got the exact same message, I was very confused, thanks for your help!

  • Latrese

    It’s be awesome if there was a way to only accept messages/calls from certain area codes

  • Jonathan

    Wow, really? I have never received a spam.

  • Riar Jotz

    Check this out guys ..?

    Is it real ? Barrel jailbreak tweak on App Store ??

    • Yaseen AlSuwaidan

      See the reviews, it is a SCAM. It does not do anything.

  • Riar Jotz

    Screenshot

  • abdullah575

    they will send you from a new number !!