You have been warned — delete them immediately.
Updated, Oct. 25 with a new report into Chinese attacks against U.S. citizens.
There’s a billion-dollar scam sweeping across America, and the chances are that it will target someone you know if it hasn’t already. The attack works by remotely watching what you do on screen as you log into your bank, before stealing all your savings. The FBI warns there are messages you must delete to ensure you do not fall victim.
Whilst this “Phantom Hacker” scam usually tricks you into installing software that gives an attacker eyes on your screen, we’re now seeing the attack move to WhatsApp, where it can abuse the platform’s little-known screen sharing feature without you needing to install anything.
Now Meta is fighting back. “On WhatsApp, we’re launching warnings when you attempt to share your screen with an unknown contact during a video call. We know scammers may pressure their targets to share their screen to trick people into giving away sensitive information including bank details or verification codes.”
The alert warns you should only share your screen with people you trust. If this is from any kind of unsolicited contact, whether a bank or tech support desk or anything else, do as the FBI says and cancel the screen share and delete all messages received. You do not want numbers or links on your phone, or any sense this is a known contact.
Media headlines through the summer (1,2,3) also reported the FBI warning iPhone and Android users to delete malicious texts on their devices. These texts include infamous unpaid tolls and DMV fines, as well as fake support desk and bank messages.
But sometimes those messages are not what you’d expect. Not fake toll agencies or banking reps, but something much more deceptive. A message that comes from your own friend or relative on WhatsApp with an urgent warning to act now.
“Just a quick heads up,” a WhatsApp message might begin, “today on the radio they were talking about WhatsApp Gold. There’s a video coming out tomorrow on Whatsapp called Martinelli. Don’t open it. It gets into your phone and nothing you do can fix it.”
Delete any message like this.
The message will be forwarded by someone you know, telling you to “spread the word if you know anyone,” and that “this may be true, but better to be safe than sorry.”
These Martinelli and Gold warnings are trash. There is no danger, other than the message itself, which is viral by nature. The lures have been running for almost a decade and have now hit millions upon millions of phones around the world. Unless there’s a link in the message, it’s not a threat, but delete it anyway — it needs to end with you.
Meanwhile, a new report from Palo Alto’s Unit 42 highlights the staggering scale of the Chinese text threat against American citizens that has prompted multiple FBI warnings. This industrial-scale threat continues to get worse.
China’s smishing ecosystem (image: Unit 42)
“We have uncovered that the smishing campaign impersonating U.S. toll services is not isolated,” the researchers warn. “It is instead a large-scale campaign with global reach impersonating many services across different sectors.”
The U.S. is the primary target for these attacks, which leverage a Chinese-made kit to adapt to new lures, incorporating countless domains and SIMs to dispatch messages. The attacks also leverage U.S. cloud-based infrastructure to operate.
“We advise people to exercise vigilance and caution,” Unit 42 says. “People should treat any unsolicited messages from unknown senders with suspicion. We recommend that people verify any request that demands urgent action using the official service provider’s website or application. This should be done without clicking any links or calling any phone numbers included in the suspicious message.”
The FBI agrees — and urges you to delete all those messages as well.
