An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. The issue involves the "LinkPresentation" component. It allows remote attackers to spoof the UI via a crafted URL in a text message.
https://support.apple.com/kb/HT209193
https://support.apple.com/HT208743
https://support.apple.com/HT208742
http://www.securitytracker.com/id/1040744