Apple's iMessage used to be one of the better and safer ways to communicate outside of carrier-based text messaging. But according to security researcher Tom Landesman of anti-spam company Cloudmark, iMessage is now responsible for more than 30 percent of all spam delivered to mobile devices.
As Landesman recently told Wired, the iMessage platform is of particular interest to spammers for a couple of different reasons. For starters, iMessage has a broad user base across the iPhone, iPad and Mac so there's no shortage of targets.
Because the desktop and mobile worlds are now so closely related, it's incredibly easy for a spammer to send messages. How easy, you ask?
According to the researcher, with four lines of code, using Apple scripts, a spammer can have their Mac send messages to whoever they want. Of course, one would need either a valid iMessage phone number or e-mail address to deliver the spam but that's pretty easy to solve, too.
Apple's desktop client instantly tells you whether or not the phone number you've entered is registered with the iMessage network. Using this feature, it'd simply be a matter of trial and error to create a list of verified iMessage recipients. What's more, the service even lets the sender know if the message has been read or not.
It's almost like a spammer's dream, he said.
Apple is aware of the situation and has implemented some steps in the past to limit iMessage spam but there's clearly more work that needs to be done.