The Federal Bureau of Investigation (FBI) has recently issued a warning to iPhone and Android users, urging them to stop sending text messages due to significant security concerns14. This advisory comes amidst a series of troubling incidents involving offensive and racist text messages targeting various communities across the United States.
The FBI’s warning stems from the vulnerability of text messages to interception and exploitation by malicious actors. Traditional SMS (Short Message Service) texts are not encrypted end-to-end, making them susceptible to various forms of cyberattacks1. This lack of security poses risks for personal information, financial data, and even two-factor authentication (2FA) codes sent via text.
In a disturbing turn of events, the FBI has been investigating a wave of racist text messages sent to Black Americans across at least 32 states and the District of Columbia5. These messages, which began appearing shortly after the 2024 presidential election, contained derogatory language related to slavery and plantations3. The texts targeted individuals of various ages, including college, high school, and middle school students3.
The scope of these offensive messages has since expanded. The FBI reported that individuals from Latino and LGBTQ communities have also been targeted with derogatory texts6. Some recipients received alarming messages claiming they had been selected for deportation or instructed to attend re-education facilities6.
The FBI is actively investigating these incidents in collaboration with the Justice Department, other federal authorities, and local law enforcement agencies25. While the origin of these messages remains unclear, some have been traced to TextNow, a service that allows users to create phone numbers for free5.
This series of events highlights the broader cybersecurity concerns associated with text messaging:
- Lack of Encryption: Standard SMS messages are not end-to-end encrypted, making them vulnerable to interception.
- 2FA Vulnerabilities: Two-factor authentication codes sent via SMS are at risk of being compromised through various attack vectors, including SIM swapping1.
- Phishing Risks: Text messages can be used for phishing attempts, tricking users into revealing sensitive information or clicking on malicious links.
In light of these concerns, cybersecurity experts and the FBI recommend the following:
- Use Encrypted Messaging Apps: Opt for apps that offer end-to-end encryption, such as Signal, for sensitive communications1.
- Avoid SMS for Sensitive Information: Refrain from sending personal, financial, or sensitive data via text messages.
- Enable Strong Authentication: Use app-based or hardware token 2FA methods instead of SMS-based 2FA whenever possible.
- Be Vigilant: Stay alert to suspicious or unsolicited text messages, especially those containing unusual requests or links.
- Report Incidents: If you receive offensive or threatening messages, report them to local law enforcement and the FBI.
The FBI’s warning about text messaging security, coupled with the recent spate of offensive texts, underscores the evolving landscape of digital threats. As technology advances, so do the methods employed by malicious actors. It is crucial for users to stay informed about these risks and adopt more secure communication practices to protect their personal information and maintain their digital safety.
