Did you get a weird text about your phone being hacked or a strange package delivered to your door recently? You’re not alone. The FBI is sounding alarms about scammers using unfamiliar devices and tech-related tricks to steal money from unsuspecting people. These scams are getting more clever by the day, with criminals pretending to be tech support, government officials, or even your bank. They might ask you to buy unusual gadgets, hand over control of your device, or respond to fake emergency messages. Let’s break down what the FBI is warning us about and how to keep ourselves safe.
Beware of couriers picking up gold bars
Imagine getting a call from someone claiming to be from Microsoft saying your computer has a virus. They sound professional and know just enough about you to seem legitimate. Then things get weird – they tell you your bank account is at risk and the only way to protect your money is to withdraw cash, buy gold bars, and have someone pick them up from your home. This might sound too strange to fall for, but seniors across South Carolina have lost over $9 million to this exact scam between January and November last year.
The FBI reports that these scammers are running a multi-layered con that can last for weeks or even months. They start with a fake tech support call, then escalate to impersonating government officials or bank representatives. After gaining your trust, they convince you to make unusual purchases like home safes or gold bars, which a “courier” conveniently offers to pick up. Never agree to hand over valuables to strangers who come to your home, no matter how official they claim to be.
Don’t text sensitive information between phones
Do you regularly text back and forth between iPhones and Android devices? The FBI has identified a major security risk here. Foreign hackers, particularly those connected to the Chinese government, have been running what the FBI calls a “broad and significant cyber espionage campaign” targeting telecommunication companies. This allows them to intercept private text messages between different types of phones, putting your personal information at risk if you’re texting about sensitive topics.
While this is mainly a targeted attack aimed at people in government or politics, it’s still smart for everyone to take precautions. Instead of sending sensitive information like social security numbers or credit card details in regular text messages, use encrypted messaging apps like WhatsApp or Telegram. Another good option is simply making a phone call instead of texting when discussing private matters. Also, make sure your phone automatically receives operating system updates to patch security holes.
Watch out for toll payment scam texts
Have you received a text message claiming you owe money for unpaid tolls? Be careful – this is another scam the FBI is warning about. These messages look surprisingly real, often including official-looking logos and urgent language to scare you into taking immediate action. The scammers create fake websites that look just like legitimate toll service pages, then trick you into entering your payment details when you click their links.
The FBI believes these toll payment scams are being run by financially motivated cybercriminal groups, possibly with connections to China. They’ve been reported across multiple states, suggesting a coordinated nationwide effort. If you get a text about unpaid tolls, don’t click any links. Instead, delete the message immediately and check the toll service’s actual website by typing the address directly into your browser. You can also call their customer service number (look it up yourself, don’t use any numbers provided in suspicious texts) to verify if you really owe any money.
Suspicious network devices can spy on your home
Your home internet setup might be more vulnerable than you think. The FBI, along with other government agencies, has warned that hackers linked to China have been exploiting vulnerabilities in common network devices from brands like Fortinet, Ivanti, Cisco, NetGear, and Citrix. These attacks allow them to access your home network and potentially spy on your online activities or steal your personal information. Even more concerning, these hackers have maintained access to victims’ networks for up to five years without being detected.
Small businesses and homes are particularly at risk because hackers have hijacked hundreds of small business and home routers to use as command-and-control infrastructure. This means your innocent-looking router could actually be helping criminals carry out attacks. To protect yourself, make sure you’re regularly updating your router’s firmware (the software that runs it), change the default password it came with, and consider replacing very old models that may no longer receive security updates.
North Korean IT workers stealing company data
If you run a small business or work with freelance IT professionals, here’s something you need to know. The FBI is warning that North Korean IT workers are posing as regular job applicants or contractors, then using their access to steal sensitive company data and code. These aren’t just random hackers – they’re part of a coordinated effort by North Korea to fund its government through cybercrime. Once they gain access to your systems, they might copy your code, steal proprietary information, or even hold your data hostage until you pay them.
This threat is especially concerning for small companies that might not have strong verification processes in place when hiring remote workers. The FBI recommends implementing identity-verification during hiring, educating your staff about this threat, and carefully reviewing applicants’ communication accounts for red flags. Be wary of candidates who refuse video interviews or have profiles that don’t match their claimed experience. If you use third-party staffing firms, verify that they have strong hiring practices to screen out these bad actors.
Encrypted communication is your friend
With all these warnings about text messages being intercepted and data being stolen, you might be wondering how to keep your communications private. The FBI actually recommends using encrypted messaging apps for sensitive conversations, despite their ongoing battles with tech companies over encryption. The current reality is that standard text messages (SMS) between phones aren’t secure, especially when sent between different types of devices like iPhones and Android phones.
To protect your private conversations, consider switching to apps like Signal, WhatsApp, or Telegram, which use end-to-end encryption. This means only you and the person you’re talking to can read the messages – not even the company that makes the app can see what you’re saying. Also enable multi-factor authentication on all your important accounts, which requires a second form of verification beyond just your password. This simple step makes it much harder for hackers to break into your accounts, even if they manage to steal your password.
How to verify if that call is really from your bank
One of the most common scams involves someone calling you and claiming to be from your bank, a government agency, or a tech company. They might sound extremely convincing, using official-sounding language and knowing surprising details about you. They might even spoof their phone number to make it look like they’re really calling from your bank. But how can you tell if it’s really your bank calling or a scammer trying to trick you? The FBI recommends a simple but effective approach: hang up and call back.
Don’t use the number the caller gives you. Instead, find the official number on the back of your credit card, on your bank statement, or by typing the company’s name into a search engine yourself. When you call this verified number, ask if someone from the company just contacted you. In most cases, you’ll find out no one did, and you just avoided a scam. Remember that legitimate companies won’t pressure you to act immediately or threaten you if you want to verify their identity. They understand the importance of security and will respect your caution.
Never give remote access to your computer
Have you ever received a pop-up message claiming your computer is infected with a virus, along with a phone number to call for help? Or maybe someone called claiming to be from Microsoft or Apple support, saying they detected a problem with your device? These are classic tech support scams, and the FBI warns they’re getting more sophisticated. The scammers might direct you to look at normal system files and claim they show evidence of hacking. Then comes their solution: give them remote access to your computer so they can “fix” the problem.
The moment you grant someone remote access, they can see everything on your screen, access your files, install malware, or even record your keystrokes to steal passwords. The FBI strongly advises never to provide remote access to your computer to someone who contacted you unsolicited. If you think you might have a genuine computer problem, contact the company directly through their official website or customer service number. And remember, tech companies don’t monitor your personal devices for viruses or problems – they won’t call you out of the blue about issues with your computer.
Staying safe in today’s digital world means being skeptical of unexpected messages, calls, and unusual requests. The FBI emphasizes that scammers succeed by creating a sense of urgency that pushes you to act before thinking. Take a moment to verify who you’re really dealing with before sharing personal information, clicking links, or handing over money. Report suspicious activity to the FBI’s Internet Crime Complaint Center at ic3.gov. Remember, if something seems odd or too good to be true, trust your instincts – they’re probably right.
