Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Phishing Attacks Exploit RCS and iMessage to Evade Security

Phishing Attacks Exploit RCS and iMessage to Evade Security

Posted on May 26, 2026 By CWS

Cybercriminals are adopting new techniques to execute phishing scams, utilizing encrypted messaging services like Rich Communication Services (RCS) and Apple iMessage. This strategic shift allows them to circumvent traditional SMS filters, posing a greater threat to users’ financial security.

Evolution of Phishing Tactics

Historically, phishing relied on SMS messages, which are increasingly being blocked by carrier-level security measures. In response, threat actors have shifted to more sophisticated methods, using RCS and iMessage to deliver malicious links directly to phones. These channels’ encryption makes it challenging for security tools to detect and block such messages.

This development signifies a leap in phishing sophistication, as attackers aim for comprehensive control over victims’ financial accounts. The objective extends beyond stealing login details to executing unauthorized transactions, including ATM withdrawals and contactless payments, through a device the victim never interacts with.

Chinese-Language Phishing Ecosystem

According to a Google Threat Intelligence Group (GTIG) report shared with Cyber Security News, numerous phishing-as-a-service (PhaaS) platforms have emerged within the Chinese-language cybercrime ecosystem. These platforms are highly organized, making it easier for criminals to participate in credential theft on a large scale.

While Russian-speaking groups have traditionally dominated the PhaaS landscape, the rise of Chinese-language services demonstrates a growing competitive presence. These services operate independently, with unique structures and targets, and are notorious for openly discussing their illicit profits on platforms like Telegram.

Technical Evasion and Financial Exploitation

Phishing messages sent via RCS and iMessage appear more legitimate to the average user due to their polished presentation, including read receipts and high-resolution images. This legitimacy increases the likelihood of user interaction, helping attackers bypass multifactor authentication through real-time interception of one-time passwords (OTPs).

The latest phishing operations focus on digital wallet provisioning, enabling attackers to load a victim’s payment card onto their devices. Once tokenized, the card can facilitate high-value transactions without requiring the physical card, posing significant fraud risks.

A notable platform, YY Lai Yu, active since August 2024, offers extensive phishing templates targeting users globally. Experts recommend integrating FIDO2/WebAuthn authentication to counter OTP interception. Financial institutions should enhance security with risk-based verification and device fingerprinting during digital wallet setup to mitigate credential misuse.

Stay informed by following us on Google News, LinkedIn, and X, and set us as a preferred source for the latest cybersecurity updates.

Cyber Security News Tags:Authentication, Chinese cybercrime, credential theft, cyber threats, Cybersecurity, digital wallets, Encryption, financial fraud, Google, iMessage, OTP, PhaaS, Phishing, RCS, Security

Post navigation

Previous Post: Critical Flaw in LMS Exploited for Cyber Attacks
Next Post: Iranian Hackers Target Aviation with New Techniques

Related Posts

Critical Chrome 0-Day Vulnerability Exploited Worldwide Critical Chrome 0-Day Vulnerability Exploited Worldwide Cyber Security News
FortiOS SSL-VPN Vulnerability Let Attackers Access full SSL-VPN settings FortiOS SSL-VPN Vulnerability Let Attackers Access full SSL-VPN settings Cyber Security News
Critical Flaw Found in Fortinet FortiSandbox, Urgent Patch Required Critical Flaw Found in Fortinet FortiSandbox, Urgent Patch Required Cyber Security News
Chrome Security Update Patches Critical Remote Code Execution Vulnerability Chrome Security Update Patches Critical Remote Code Execution Vulnerability Cyber Security News
Reaper Malware Threatens Mac Users with Browser and Wallet Attacks Reaper Malware Threatens Mac Users with Browser and Wallet Attacks Cyber Security News
Attackers Abuse Discord to Deliver Clipboard Hijacker That Steals Wallet Addresses on Paste Attackers Abuse Discord to Deliver Clipboard Hijacker That Steals Wallet Addresses on Paste Cyber Security News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • AI Gateways: Emerging Targets for Cyber Attacks
  • Hacker Server Leak Unveils Massive WordPress Breach
  • Critical Linux FUSE Flaw Allows Root Access
  • Laser Pulse Vulnerability in Tangem Wallets Exposes Security Risks
  • Critical GNU Guix Vulnerabilities Permit Remote Attacks

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • AI Gateways: Emerging Targets for Cyber Attacks
  • Hacker Server Leak Unveils Massive WordPress Breach
  • Critical Linux FUSE Flaw Allows Root Access
  • Laser Pulse Vulnerability in Tangem Wallets Exposes Security Risks
  • Critical GNU Guix Vulnerabilities Permit Remote Attacks

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark