Be careful how you text.
A recent warning on texting from the FBI sparked a lot questions from consumers.
📺 24/7 Chicago news stream: Watch NBC 5 free wherever you are
NBC 5 Responds looked into what’s behind the recent alert and the easy steps you can take to protect your text messages.
It all start in November, when U.S. intelligence agencies announced hackers affiliated with the Chinese government were able to steal call records and the private text messages of American citizens as part of a cyber espionage campaign. That prompted the FBI to issue a warning about everyday texting.
Texts between an iPhone and iPhone or Android and Android were encrypted, or secure.
But the FBI warned that text messages sent between iPhone and Androids don’t have that same automatic encryption. And that means those messages could be intercepted by scammers. Those bad actors fall into two categories, according to FBI Assistant Special Agent Jay Patel.
“One [group] would be the financially motivated, loosely organized groups that are here in the U.S. and overseas in different countries. And then the other part would be nation state threat actors that are funded and backed by established governments,” Patel said.
The FBI said journalists, politicians, and those in various branches of government have specifically been targeted by the latter group of bad actors. But Patel warned everyone should be on guard.
After all, we often rely on our phones for two factor authentication if we’re resetting a password or logging into a secure bank account- and Patel said it’s possible for those types of authentication texts to get stolen, because they’re usually not encrypted.
“A lot of the dual factor authentication relies on your cell phone, right? So you type in, you want to reset your password or type something in, it sends you a text message and that text message usually comes in a clear form like an SMS, right? So you get a code and you enter that code in,” said Patel.
And that’s not the only way hackers try to get access to your accounts. Patel said some scammers may simply trick you into giving up that two-factor authentication information, instead of hacking into your text messages.
“A lot of these threat actors use social engineering techniques. So once you get that text message, they’ll say, ‘Hey, you won the lottery. If you could give me that next message that you’re going to see with that number and you respond right away, you will win something,’” said Patel.
Patel said the simplest way to secure your text messages is to use a free encrypted messenger, like Whatsapp, Telegram or Signal, among others.
“The threats are pretty dynamic and what is secure today is not secure tomorrow,” said Patel.
The FBI also advises turning off your devices every few weeks, and allowing automatic updates on smart phones. Patel said this can close the door on a threat that’s already been