Apple Warns All iPhone Users—Do Not Reply To These Messages

Do not reply to these messages.

getty

Republished on August 30 with a new warning as dangerous messages surge.

Whether you’re buying a new iPhone 17 or upgrading your existing device to iOS 26, there’s one update that could be more critical than the rest. When you unbox your new phone or install the iOS update, you need to check one setting right away.

iPhone users are under siege from a plague of scam text messages that is now out of control. Designed in China and fueled by kits sold or rented to threat actors around the world, these attacks are disguised as unpaid toll, undelivered package or motoring offense lures. But beneath the surface they steal your money and your passwords.

ForbesIf You See This Number On Your Phone, Your Gmail Is Under AttackBy Zak Doffman

There has been criticism of networks for not doing enough to kill these texts before they reach your device. But criminal gangs stay ahead of this by revolving numbers and using farms of consumer devices to push out their messages. And so it falls to defenses on the phone to ensure citizens in the U.S., Europe and elsewhere do not fall victim.

Apple’s answer is the new scam warning coming to Messages with iOS 26, You can already filter messages from “unknown senders.” That’s helpful and there is some link protection, which is why you need to reply to a scam message to click on one. But iOS 26 goes further, differentiating between unknown senders and spam, including scams.

Per 9to5Mac, “Apple is applying two specific restrictions to messages in the ‘Spam’ folder, which will make it harder to fall for potentially malicious texts.” One is the current link block, but the other is actually more significant.

“Users can’t reply to messages in the Spam folder,” 9to5Mac explains, “which makes it harder to engage with a potential scammer. And while it’s easy to move a message from ‘Spam’ back to the main Messages view, that small bit of friction can go a long way in helping users avoid accidentally falling for a phishing attempt.”

Text scams either need you to click a link or — increasingly — just reply. As I’ve warned before, that’s behind the short, sharp curiosity texts designed to spark up a discussion and lead you blindly into a trap. “Hello.” Or “Sorry I’m running late.” Or “What time is the restaurant booked for tonight?” Or multiple similar themes.

Such is the seriousness of Apple’s warning that such messages may be harmful, you can’t reply even if you want to. You need to make a decision to correct Apple’s inherent warning that the message is unsafe, and physically move it to another folder.

Apple’s move is welcome and reflects the warnings from the FBI, FTC and others — do not reply or otherwise engage with texts from unknown senders until you can verify who it is. Replying with “Who is this?” does not count as independent verification.

“If you have a cell phone, you probably use it dozens of times a day to text people you know. But have you ever gotten a text message from an unknown sender?” FTC says. “It could be a scammer trying to steal your personal and financial information.”

The scale of current text attacks is beyond the imagination of most of us — literally billions upon billions of messages sent. And plenty get through. Google and Apple are now acting to keep you safer. Make sure you enable this setting. And meantime, even ahead of iOS 26, heed Apple’s warning and do not reply to unknown senders.

Meanwhile, Trend Micro has issued a new scam text warning with advice on what to watch for — exactly the kind of attack Apple’s new filter should block.

“Received a text message claiming to be from FedEx Ground,” the team warns, “saying your package delivery failed and you need to reschedule? Watch out, it’s likely a scam!”

The frustration with such scams is that they’re easy to detect if you know the red flags, and so an automated filter and especially one that powered by AI should find this easy.

Trend Micro offers “some common red flags” of such scams, which help iPhone users stay safe ahead of the release of iOS 26 in a few weeks.

1. “Fake delivery notifications
2. Fake delivery sites that look real
3. Requests for credit card info.”

ForbesGoogle Confirms Play Store Deletion—Remove Apps On Your PhoneBy Zak Doffman

At first look, the latest FedEx scam “might look realistic,” Trend Micro says, “but if you take a closer look, you’ll notice the included links don’t lead to the official FedEx domain (fedex.com). If you tap on one of the links, you will be taken to a fake FedEx website that can collect your personal information and even your credit card credentials.”

If you have any doubts about the legitimacy of a text message regardless of its subject matter or what it’s asking for, the FTC says, “contact the company using a phone number or website you know is real. Not the information in the text message.”