Delete all these texts.
getty
You have been repeatedly warned — your smartphone is under attack from malicious texts which China’s organized criminal gangs have turned into a ruthless, billion-dollar industry. The red flags are easy to detect — if you know what to look for.
The latest warning targets New Yorkers, where the fictitious New York Department of Revenue has become the latest real or imagined organization to lure victims. This joins countless DMVs, toll road agencies, package delivery firms and support desks.
ForbesDo Not Use Google Chrome On Your iPhone, Warns Apple—‘Known Trackers’By Zak Doffman
Thomas DiNapoli — the State’s Comptroller — warns citizens “We’re seeing an increase in fraudulent texts and emails claiming to come from the New York Department of Revenue. Did you get this text? If so, you’re not alone but it is a scam.”
The usual caveats apply. We’ve seen the same from dozens of state DMVs and toll agencies, federal, state and local law enforcement agencies, and a raft of others. The agency “will NEVER ask for your private information or payment through an unsolicited text, email or phone call.” Ditto your payment card details or passwords.
DiNapoli points out the red flags, two of which always mean an attack. The first is an overseas number. No U.S. federal or state agency will text from a number that isn’t a short-code or that begins +1. The number shown is the Philippines, one of the countries where banks of phones with consumer SIMs churn out malicious texts by the millions.
The second is the top-level domain (TLD), the identifier after the final dot in the link that originates the domain’s issuer. Mainstream organizations will use a dot-com whilst government agencies will use a dot-gov. A random domain — such as the dot-cc here or the likes of dot-top or dot-win or dot-xyz — is a blatant sign the text is an attack.
As I’ve warned before, sometimes scammers will disguise the TLD with hyphens to introduce “gov” or com” into the link, aiming to trick a casual glance. Make sure you check carefully, although the real advice is never to click any such links.
ForbesMicrosoft Teams Starts Telling Your Company If You’re Not At WorkBy Zak Doffman
Increasingly, Google and Apple will filter out such texts from unknown numbers or with recognizably scammy content, so they won’t appear in your inbox and links will be disabled. But those filters are not yet universal, and not everything is caught.
While it’s easy to ignore these texts and leave them as digital litter on your phone, the FBI’s advice is to delete all such messages from your phone. The malicious links don’t persist long before being blocked centrally, usually just a few hours, but no good can come from keeping any of this on your phone.