U.S. federal agencies are issuing urgent warnings too iPhone users regarding the security of text messaging, notably when communicating with Android devices.A recent advisory from CISA and the FBI highlights vulnerabilities in iMessage‘s encryption when interacting with non-Apple platforms, perhaps exposing sensitive communications to interception. As cyberattacks targeting major telecommunication providers increase, officials are urging users to consider alternative, more secure messaging applications and adjust their iPhone settings accordingly.
U.S. federal agencies are warning iPhone users to avoid sending cross-platform text messages via iMessage, citing insufficient encryption that could leave communications vulnerable to interception. According to a recent alert from the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), end-to-end encryption isn’t consistently available when iPhones communicate with Android devices. This is largely due to the reliance on Rich Communication Services (RCS) technology for cross-platform messaging, which is currently decrypted by Google in the U.S.
CISA specifically advises iPhone users to disable the “Send as SMS” feature, found under “Settings > Messages,” to prevent iMessage from automatically falling back to unsecure SMS texts when it can’t deliver a message via iMessage. While iMessage offers end-to-end encryption for communications between Apple users, experts emphasize that messages sent to Android devices remain susceptible to interception. This warning comes amid heightened concerns about national security, following reports of a recent cyberattack – dubbed “Salt Typhoon” – targeting the networks of major U.S. telecom providers AT&T and Verizon, potentially exposing calls and communications.
🔒Cyber threat actors are using spyware and other advanced social engineering techniques to target private messaging apps & compromise mobile devices. See our Alert for more details and ways to protect your mobile communications 🔗https://t.co/IcK3niMjMp pic.twitter.com/q6txBWGcsg
— CISA Cyber (@CISACyber) November 24, 2025
Given these risks, CISA and the FBI recommend that all smartphone users switch to messaging apps like WhatsApp and Signal, which offer end-to-end encryption and regularly updated security protections. However, Signal users should remain vigilant, as a recent vulnerability in the platform’s multi-device linking feature was exploited by Russian hackers in a “zero-click” attack. Samsung Galaxy users are also urged to install a critical security patch released in April 2025 (CVE-2025-21042) to protect against Android malware and spyware.
In addition to app selection, users should regularly update their systems and applications, enable multi-factor authentication, set a secure phone account PIN, and consider enabling “Lockdown Mode” and iCloud Private Relay on iPhones for enhanced protection. It’s also advisable to avoid sending sensitive information via SMS and to limit its use for multi-factor authentication.
Improving cross-platform end-to-end encryption remains a key challenge, but for now, the most secure approach is to utilize dedicated messaging apps with robust encryption and proactive threat mitigation. The increasing sophistication of cyber espionage threats demands heightened user awareness and caution.
(首圖來源:蘋果)
延伸閱讀:
科技新知,時時更新
jQuery(document).ready(function(){
jQuery('iframe').each(function(i){ var $this = jQuery(this); if ( $this.attr('data-src') ) { var data_src = $this.attr('data-src'); data_src += '&v=' + (new Date()).getTime(); $this.attr('data-src', data_src); } });
setIframe();
//lazy-iframe jQuery(window).scroll(function(){ setIframe(); }); });
