According to renowned iPhone hacker Pod2g, a person with bad intentions could send a spoofed message to an iPhone user and specify a fake reply-to number. Apple has responded to these claims, noting that iMessage is the way to go, as any cell phone is susceptible to such attacks.
After Pod2g detailed his findings on his blog, Engadget reached out to Apple for a statement which apparently they got today.
Apple said the company takes security “very seriously,” adding that “When using iMessage instead of SMS, addresses are verified which protects against these kinds of spoofing attacks.”
Apple outlined for the tech blog that “One of the limitations of SMS is that it allows messages to be sent with spoofed addresses to any phone, so we urge customers to be extremely careful if they're directed to an unknown website or address over SMS.”