Skip to Content
Security & privacy

Watch out! Texting scam can hijack your emails

Cybercriminals and scammers just won’t quit these days, will they? Not only are we being bombarded with more robocalls and phishing schemes than ever before, the bad guys have even taken to crashing our phones with malicious text messages that implode your operating system when you open them. It’s a crazy world out there, and the worst offenders just seem like they’re getting even bolder.

In fact, a new kind of scam is beginning to make its way to smartphones the world over — only this time, it’s not interested in crashing phones for fun. A security flaw has emerged that can allow malware itself on your phone and spy on your incoming emails. Once inside, it can send this information back to hackers and potentially compromise your data.

If you accidentally open the wrong text message, your private emails could end up on the dark web for even more hackers to look at. Here’s the latest on this spooky text message scam and how you can protect yourself from the nosiest criminals on the web.

Android phones at risk of new text message scam

Smartphone operating systems are no stranger to scams, cyberattacks and security flaws. Recently, hackers found a way to crash iPhones just by sending corrupted text messages. Now, cybercriminals have perfected their craft to introduce an even more devastating text message attack that threatens millions of phones. All it takes is the right security hole to exploit.

And sure enough, security researchers at Check Point Research have discovered that a wide swathe of Android phones are vulnerable to security holes found in the onboard text messaging application. If a vulnerable phone user opens a text message containing malicious code, a hacker can easily gain access to the device’s email settings, which would allow them to intercept and spy on emails with ease.

The flaw comes from an issue with how the phone “provisions” features over the air, which is essentially how your carrier is able to change settings on your device without being there in person. Since this flaw is at the root of the operating system, only phone developers can issue a fix to correct the issue.

Is my phone affected by this threat?

This new hacking scam is only targeting Android phones at the moment, so if you’re an iPhone user,  you’re in the clear. Officially, the vulnerable phone manufacturers at the moment are Huawei, LG, Samsung and Sony.

As for fixes, Samsung and LG are currently the only device-makers to have developed software patches for the time being. In fact, Samsung patched for the issue back in May of this year, so if you’ve recently updated your Samsung phone, you’re already safe from harm. LG’s update arrived in July, so if you’ve managed to update your LG phone since then, the fix has already been applied.

Huawei has vowed to deliver a fix alongside the arrival of their newest Mate and P-series phones. This means you may have to wait up to a few more months to keep your device secure.

Sony, on the other hand, is refusing to acknowledge the issue at all, claiming that they’d followed security procedures accordingly. There is no word whatsoever from Sony that a fix is even in the works, so if you have a Sony phone, it may be worth your while to screen your text messages more carefully. Don’t open anything from anyone you don’t recognize, and stick to talking only with people you know when you’re using your smartphone.

If we can’t trust the companies to take care of business, the burden falls on us. Thankfully, in this case, it’s as simple as just leaving that message unread.

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days