FBI Warning—All Smartphone Users Must Delete These Messages

The threat is worse than the headlines suggest.
A raft of news stories this week (1,2,3) report on the FBI warning 150 million Apple users to delete texts on their iPhones. Unfortunately the reality is even worse than those headlines suggest. Here's what you need to know and what you should do.
Right now, your cell phone is vulnerable to an ongoing attack that will come to you by way of text messages warning of dire consequences if you don't respond right away. Text messages that include links to pay outstanding bills or fines.
All of this is made up, of course, but you pay nonetheless because you're worried — that's the idea. These messages include unpaid tolls and newer DMV traffic offenses, but will soon widen the net to mimic texts from your bank or credit card company.
It's against this backdrop that we have seen headlines urging America's iPhone users specifically to delete the latest raft of DMV texts as soon as they're received.
The malicious texts are sent courtesy of organized Chinese criminal gangs that operate beyond the reach of U.S. law enforcement. They harness countless phone numbers from multiple countries and domains from multiple providers.
Despite network filtering and iOS and Android spam detection, the tidal wave of texts seemingly can't be stopped. Google has confirmed new AI-powered scam detection on its phones, and we await to see if this filters the threat or can be worked around.
The FBI's warning to delete all these co-called smishing texts came in an advisory last year, issued in the wake of the original unpaid toll scam that has now swept across America from state to state. Any such texts, it said, should be deleted from phones.
But that applies to iPhone and Android users — to all smartphone users. There are some iPhone specifics — the OCGs prefer iMessage to SMS, albeit they like RCS as well, and the texts often include instructions to 'Please reply with 'Y'' to get around iPhone's link blocking from unknown senders. But the the attack targets all users indiscriminately.
As I reported a week ago, the FBI has confirmed it is now investigating the latest plague of DMV-themed texts, which is unsurprising. The volume of those texts in particular surged almost 800% in the first week of June alone, and has not slowed down since.
A single bad actor armed with numbers and domains can send as many as '60,000,000 texts a per month, or 720,000,000 per year,' if that helps explain why there's almost no one in America who hasn't yet received these texts or knows someone who has.
Whether it's an iPhone or an Android phone in your pocket, don't leave these texts undeleted and never ever click on any of these links.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Forbes

31 minutes ago

• Forbes

Google Confirms Most Gmail Users Must Upgrade All Their Accounts

Most accoiunts need an upgrade, says Google. Republished on June 21 with new advice after 'record breaking' security alert. Google has confirmed another atack on Gmail users this week. Yet again, its own infrastructure has been exploited to compromise user accounts. And yet again, it comes with another warning for users to upgrade their accounts — this is now a must. Earlier this month, I covered Google's warning that most of its users still only use basic password security and are wide open to data breaches and attacks. 'We want to move beyond passwords altogether," Google said, pushing users to replace them. Passkeys, it says, "are phishing-resistant and can log you in simply with the method you use to unlock your device (like your fingerprint or face ID) — no password required.' Put simply, this links account security to hardware security, and means there are no passwords to steal or two-factor authentication (2FA) codes to bypass or intercept. While that is critical for Gmail users, it's actually much wider. Google reached out to me after that article, to emphasize that the benefits are more significant for users: Adding a passkey to a Google account protects all the services and accounts that can be accessed by that sign in. Conversely, not doing so leaves all those other accounts at risk. Even if most user accounts were secured by passwords and 2FA codes, there would still be a push to passkeys. And while Google, Microsoft and others make 2FA mandatory, the reality is that there's still a risk that codes can be shared even if they can't be stolen. That was the crux of the latest Gmail attack, tricking users into sharing codes. Scams and Protections (June 2025) The raft of headlines around a new 16 billion record data breach should focus minds, even if 'this is not a new data breach, or a breach at all,' says Bleeping Computer. 'The websites involved were not recently compromised to steal these credentials.' Mashable agrees. 'Some commentators were quick to call it the largest password leak in history, and in terms of raw records exposed, that's mostly, technically true. However, these records did not come from a single breach — or even a new breach. Instead, they came from many smaller ones," with 'the end result more a 'greatest hits' rather than a new, noteworthy hack.' Albeit that doesn't change the fact the data is out there. Kaspersky says 'the journalists haven't provided any evidence of existence of this database. Therefore, neither Kaspersky's experts nor anyone else has managed to analyze it. Therefore, we cannot say whether yours – or anyone else's – data is in there.' But, regardless, Google's latest survey still paints a bleak picture. Although '60% of U.S. consumers say they 'use strong, unique passwords,' less than 50% 'enable 2FA.' The truth is that the only form of simple 2FA is SMS codes, which are sent quickly without having to exit the app or click or tap. They even autofill and often auto-delete. But SMS is woefully insecure, it's the worst possible 2FA option. And anything else — authenticator apps, physical keys, even trusted device or app sign-ins — is more painful. Passkeys are the opposite. They're even easier than passwords and SMS 2FA. The code (which you never see) combines your login ID, password and 2FA into a simple sign-in process authenticated by your device security — ideally biometrics. And because there is no code you can see or copy, you can't share the passkey even if you want to. Even if any of the underlying code is stolen, it only works on your actual device. Google is right — this is about much more than Gmail, even if those email account attacks generate headline after headline. While there are some misgivings about the dominance and data overreach in big tech using its span of control to sign you into multiple services, even those they don't own or control, it is more secure. As Kaspersky suggests, 'let's set skepticism aside. Yes, we don't reliably know what exactly this leak is, or whose data is in it. But that doesn't mean you should do nothing. The first and best recommendation is to change your passwords,' which is an obvious immediate step. But it doesn't solve the problem. 'Use passkeys wherever possible,' Kaspersky also tells users. 'This is the modern passwordless method of logging into accounts, which is already supported by Google, iCloud, Microsoft, Meta and others.' As Google says, 'when you pair the ease and safety of passkeys with your Google Account, you can then use Sign in with Google to log in to your favorite websites and apps — limiting the number of accounts you have to maintain.'

Yahoo

41 minutes ago

• Yahoo

An ex-college basketball player testifies that Sean 'Diddy' Combs got 'extremely creative' on drugs

NEW YORK (AP) — A former Syracuse University basketball player who worked recently for Sean 'Diddy' Combs as a personal assistant testified at the music mogul's sex trafficking trial on Friday that Combs got 'extremely creative' when he was on drugs. Brendan Paul, 26, was arrested last year at a Miami airport with cocaine he says belonged to Combs, and he testified with immunity about what it was like working for the hip-hop entrepreneur for a year and a half. Paul was arrested in March 2024 — the same day federal agents conducted multiple searches related to the Combs' investigation. Advertisement Prosecutors are winding down their case after six weeks of testimony from an array of witnesses ranging from ex-girlfriends and former employees to male sex workers and the rapper Kid Cudi. Ye, formerly known as Kanye West, even made a surprise appearance at the courthouse. The prosecution seeks to convince the jury that Combs oversaw a sprawling racketeering enterprise for two decades that relied on obedience by employees willing to do anything for him, including buying drugs when necessary. Defense lawyers say Combs did not commit federal crimes, although they acknowledge that prosecutors have exposed domestic violence during the trial. After pleading not guilty following his September arrest at a Manhattan hotel, Combs has been held without bail at a federal lockup in Brooklyn. Prosecutors were expected to rest their case by Monday. A defense presentation is expected to last from two to five days. Advertisement Paul said he bought drugs for Combs between five and 10 times, spending up to $500 for drugs including cocaine, ketamine, ecstasy and marijuana. He said he only did drugs with Combs once, when Combs asked him to try 'tusi,' also known as pink cocaine, to see if it was good. Paul said he did so because he 'wanted to prove my loyalty' and said he thought it was good. 'We continued on with our night,' he told Assistant U.S. Attorney Christy Slavic. Paul said that prior to his arrest, he had forgotten about the cocaine after collecting it while 'sweeping' Combs' room that morning and had accidentally left it in a bag he carried as he prepared to go on vacation with Combs and other aides. The charges were dismissed after Paul completed a pretrial diversion program. Advertisement Under questioning by defense attorney Brian Steel, Paul said his 'heart dropped' when he realized that there was cocaine in a travel bag after telling officers at the airport that everything in the bag belonged to him. Steel asked Paul if Combs was generally happy and didn't hurt anyone when he was on drugs. 'He got extremely creative,' Paul responded. At another point, Steel asked the witness: 'You would not work for a criminal, would you?' 'Absolutely not,' Paul responded. Slavic, though, elicited Paul's mixed feelings about Combs when the prosecutor asked him just before he finished his testimony: 'Sitting here today, how do you feel about Mr. Combs?' Advertisement 'It's complicated,' he answered. Paul, originally from Cleveland, was a 6-foot-2 guard who walked on at Syracuse University and came off the bench in 16 games over two seasons, playing a total of 17 minutes and scored just 3 points. He later transferred to lower-tier Fairmont State University in West Virginia, where he played for two more seasons. Michael R. Sisak And Larry Neumeister, The Associated Press

Yahoo

42 minutes ago

• Yahoo

Trust in AI is growing in finance, especially behind the scenes

This story was originally published on CX Dive. To receive daily news and insights, subscribe to our free daily CX Dive newsletter. A majority of customers trust the use of AI in behind-the-scenes tasks at financial institutions, according to a TD Bank survey conducted by Ipsos released Tuesday. Among the 2,500 U.S. consumers polled, 70% are comfortable with technology being used for fraud detection, and 64% are comfortable with it being used in credit score calculations. Consumers also believe that AI should offer more ease. Two-thirds believe it can expand access to financial tools, and nearly half expect benefits from AI like 24/7 banking access. As consumers have become more familiar with AI tools, their trust in the technology has slowly grown. Nearly 7 in 10 consumers say they are at least somewhat familiar with AI — a finding seen in other surveys, too. Notably, half of consumers trust that AI will provide reliable, competent information, trusting AI just as much as news stations. But consumers are more comfortable with AI in specific use cases and the more complex or sensitive the matter, the more they want to speak to a human or know that a human will be reviewing AI before making any decisions. Consumers are less inclined to want to only use AI when it comes to tasks that one might typically use a financial adviser for, according Ted Paris, EVP, TD Bank AMCB, and head of analytics, intelligence & AI. When it comes to personal finance, 3 in 5 of consumers were comfortable with the idea of using AI financial tools for budgeting and automating savings goals. But less than half were comfortable with more complex tasks like retirement planning and investing. Banks enjoy high consumer trust — more than 4 in 5 consumers trust banks for accurate information. As they deploy AI, it's important that they maintain that, Paris said. 'What's probably the key piece, is creating and enabling and allowing customers and colleagues to feel that they can trust the outcomes of what this capability then generates,' Paris said. One of the ways TD Bank is approaching this is by always having a human in the loop, meaning that the output of an AI solution will be passed through some internal expert before going to a client. 'We need to make sure that first, anything that we're doing is directed toward a particular need,' Paris said. 'We need to make sure that this is going to meet all hurdles that we would set, legal, regulatory, for security and privacy.' Sign in to access your portfolio