Apple on Saturday responded to reports of a vulnerability to SMS spoofing that can be done to users of the company’s iPhone.
“Apple takes security very seriously. When using iMessage instead of SMS, addresses are verified which protects against these kinds of spoofing attacks,” an Apple representative told The Loop. “One of the limitations of SMS is that it allows messages to be sent with spoofed addresses to any phone, so we urge customers to be extremely careful if they’re directed to an unknown website or address over SMS.”
There is a key point in what Apple told me. A lot has been written in the press about how the “iPhone” has this problem, but Apple isn’t alone.
The vulnerability is not with the iPhone, but rather with the SMS technology. The iPhone is not alone in being susceptible to this type of attack — all phones that use SMS can be tricked in the same way. That’s why the verification and security of using iMessage is so much better.