China-based counterfeiters are spamvertising knock-off designer goods using Apple iMessage instead of using conventional email spam runs.
iMessage has been hit with the single largest US mobile spam campaign this year. The campaign, which has been going on for months, was large enough to account for more than 80 per cent of all reported mobile messages in the US, according to messaging security outfit CloudMark.
A test purchase by cloudMark of a knock-off designer bag revealed that counterfeit merchandise was delivered, evidence that the crooks behind the scam are not simply interested in stealing the credit card numbers of "bargain hunters" prepared to risk buying goods promoted through iSpam. Purchasers are likely to be disappointed by the quality of the goods they receive, however, as a blog post by CloudMark explains.
Shipped from Suzhou, China, a fake Michael Kors bag came with numerous and humorous defects that left it looking more akin to a child’s toy purse than a high quality designer bag. The messages themselves also hailed from China with the majority of email domains being popular Chinese webmail services used to sign up for the perpetrating Apple IDs. In recent months, legal teams representing the various brands have taken notice and begun aggressive takedowns on the fake sites in question.
The registrants of these imposter domains were all of Chinese origin with IP addresses and names from China, with one exception. Analysis of the various email domains associated with the Apple IDs reported blasting out this iSpam also revealed that many were from popular Chinese webmail sites. During its peak, 59 per cent of senders were Chinese email addresses. Tracking information for these packages revealed that they were shipped from somewhere within roughly three hours of Suzhou, China, according to CloudMark.
Tom Landesman, research analyst at Cloudmark, said that iMessages are cheaper and easier to send than text message spam.
"iMessage is far cheaper (read: free) to use for rather than the cost of sending international texts or just buying the SIM cards to do so," Landesman told El Reg. "This could all be set up without the need to purchase additional hardware and Apple Scripts, make sending iMessages incredibly simple — just 4 lines of code."
Sending junk messages using iMessage also offers a means to generate a list of actively used (hot) iPhone phone numbers that spammers can then resell to other crooks, he added. Working out a list of actively used numbers is possible because of the received/read receipts that iMessage puts out by default.
CloudMark witnessed a similar but smaller scale iMessage spamming campaign around Thanksgiving last year. The earlier campaign also punted designer knock-offs but focused on prospective marks in and around Los Angeles and New York City, while the latest campaign is US-wide. ®