Last Updated:
iPhone and Android users face many security risks but when the FBI warns people, you should definitely give heed and avoid falling into the trap.
Smishing attacks have become serious for the FBI to warn smartphone users
The Federal Bureau of Investigation (FBI) is warning iPhone and Android users of ‘smishing’—a mix of text messages and phishing attempts. What is smishing? It is a form of attack where the hacker sends a text message via SMS, meant to trick receivers into revealing their personal information, such as passwords, credit card details, and other sensitive data. The term is thus a combination of SMS and phishing, referring to the tactics used for luring individuals into providing confidential information.
Reports say, cybercriminals have registered over 10,000 domains to fuel such scams, directly targeting iPhone and Android users with fraudulent messages that are designed in a way to steal personal information. The data has prompted authorities to caution recipients about deleting any such messages immediately.
As given in a report by Unit 42 at cybersecurity firm Palo Alto Networks, these scammers lure victims into providing their sensitive data, such as bank and credit card details. Besides fake toll payment notifications, the scams even extend to fake delivery service alerts.
For the past several months, state and local authorities have been raising alarms about the same, with the Federal Trade Commission (FTC) warning about the risks of financial theft and identity fraud from clicking on fake links in text messages, as per the New York Post.
Unit 42 has also identified multiple malicious domains, including China’s XIN top-level domain (TLD). Several US cities have been among the ones most affected by the scams, including Dallas, Los Angeles, Atlanta, Orlando and Chicago.
Smishing Attack Alert From FBI
The FBI has urged citizens to follow a few steps if they doubt a smishing attempt.
1. File a complaint with the Internet Crime Complaint Center (IC3) at provide details from the text message.
2. In case of toll payments-related messages, visit the legitimate toll service’s website or contact their customer service to verify the details.
3. Delete all the smishing messages with immediate effect.
4. In case of personal or financial data being compromised, take immediate steps to secure the account to stop unauthorised transactions.
The NY Post report adds how cybercriminals have been adopting a “mobile-first attack strategy” due to the vulnerability of users on small screens, thus putting iPhone and Android users at greater risk.
