FBI Warns Texting between iPhone and Android Could Be a Security Risk

Sophia Taylor

By Sophia Taylor

Published:

The FBI and Cybersecurity and Infrastructure Security Agency (CISA) are urging Americans to avoid sending text messages between iPhones and Android devices due to a lack of end-to-end encryption. As reported by Politico, this warning is tied to ongoing cyberattacks by a Chinese-linked group targeting global telecommunications networks, posing significant risks to U.S. communications.

While messages sent within the same platform—iPhone to iPhone or Android to Android—are secure, cross-platform messages could be intercepted by hackers, leaving sensitive information exposed.

The Growing Threat of Cyberattacks

The warning follows cyberattacks attributed to Salt Typhoon, a hacking group linked to China’s Ministry of Public Security. These attacks, described as “ongoing and likely larger in scale than previously understood,” have targeted U.S. networks, stealing call and text metadata. While most intercepted content has been limited, certain communications involving government or politically connected individuals have reportedly been compromised, highlighting the risks of unencrypted messaging.

Cross-platform texts remain particularly vulnerable due to the absence of encryption in the Rich Communication Services (RCS) protocol. RCS, a modern upgrade to SMS, adds features like read receipts and group chats. But crucially, when used between an iPhone and Android device, it lacks the end-to-end encryption necessary to protect message content from interception.

Why Encryption Matters

End-to-end encryption ensures that only the sender and recipient can read a message, even if intercepted. Without this protection, texts can be exposed to malicious actors. Apps like WhatsApp, Signal, and Facebook Messenger already offer end-to-end encryption for texts, voice calls, and video chats, making them safer alternatives for communication.

Although Apple and Google support encrypted communication within their platforms, their collaboration on RCS has not addressed this critical issue for cross-platform texting. Apple, in particular, has been criticized for not including encryption for RCS messages, despite encouraging its users to rely on secure messaging. As of now, there is no timeline for when encryption might be added to RCS.

How to Protect Your Communications

For users who frequently communicate across platforms, switching to encrypted apps is recommended. WhatsApp and Signal are both widely available and enable secure messaging and calling between iOS and Android devices. These apps ensure that even if data is intercepted, it remains unreadable.

As the cyber threat landscape continues to evolve, following the FBI and CISA’s advice is crucial for protecting sensitive communications. Taking proactive steps to secure your messaging practices can prevent personal and professional information from being compromised.