You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

A spam text message appeared from myself

In the text thread for my own contact profile—the thread where messages show up if I send a text message to my phone number—a message showed with a phishing link, that I didn’t send.


It says below it “Not shown in Shared with You”.


All of the other texts I’ve sent to myself in the past are above it. This is in the actual thread for my own contact profile.


It only shows up once, on the left side in grey, as if I received it. Every other text in this thread (that I did actually send to myself) shows up twice—once on the right in blue when I sent it, and a second time on the left in grey when I received it. This one only shows up on the left in grey.


How is this possible?


I have two factor authentication enabled, so I know that nobody has signed in to my Apple ID externally.


I also know with certainty that nobody has physically gained unauthorized accessed to any of my devices.

Posted on Mar 27, 2022 1:47 PM

Reply

Similar questions

85 replies

Mar 28, 2022 10:21 AM in response to boeing747crj200

Why is it “concerning”? It’s a spam message sent to thousands of random phone numbers. Delete the message and move on with your day. As with all such spam emails, phone calls, text messages or website popup messages ignore them no do not interact with the sender or the message. They do not need to know your phone number to send a text. The only requirement for anyone, anywhere to send a text message is to know the Area Code and local number code for any part of the world. They can then send messages to every number NPA-NXX from 0000 to 9999.

Mar 28, 2022 11:47 AM in response to Billyeee

From The Verge this afternoon:


“Photo by Chris Welch / The Verge

This morning, I received a very blatant spam text offering me “a little gift” for supposedly paying my phone bill. Normally I’d groan, roll my eyes, and quickly delete such a thing, but there was something different about this particular message: it was spoofed as coming from my own phone number. As best my iPhone could tell, it was a legitimate message from me to myself. Tapping into the sender details took me to my own contact card.

Equally frustrating was that I had no obvious way of reporting the alarming spoof to my carrier, Verizon Wireless. Spoofed calls and texts are nothing new; most people face a constant deluge of spam calls that appear on caller ID as from a number similar to their own. But this was the first time I actually got something from my own number. These scammers keep getting more sophisticated.

Turns out I wasn’t alone. More than a few customers on Verizon reported getting similar spam from their respective numbers over the last few days — same for its MVNO Visible — and several Verge employees on other carriers have also encountered them. I posted an Instagram story about it and have gotten plenty of “same” responses. SMS phishing, or “smishing,” has been on the rise in recent years, but there’s something more disconcerting and invasive about it being linked to your own number. It’s all very “the call is coming from inside the house.”

The main reaction on Twitter is confusion and “how?!” Again, this is all spoofing and technological impersonation. It’s trivially easy for spammers to camouflage as any number they choose. My Verizon account is secure, and my number hasn’t been hijacked. If you’ve gotten the same message, there’s no cause for panic. Just don’t go clicking that link.

Still, it often feels like the phone carriers are losing the war against scammers. I don’t envy having to contend with the sheer volume of spam attacks that come across their networks daily, but this is getting out of hand. I’ve noticed an uptick in general SMS spam over the last several weeks. And as Alex Lanstein noted on Twitter, this particular message contains several phrases — “free msg,” “bill is paid,” “gift” — that one assumes would be flagged by Verizon’s spam protection systems. And yet it came through successfully. And since this one showed as coming from me, the text also successfully evaded Apple’s “filter unknown messages” feature.”

Mar 28, 2022 12:53 PM in response to lkarma13

This explains it well...


This in from The Verge:


My own phone number is now spam texting me

Did you recently get a spam text... from yourself? You’re not alone

By Chris Welch@chriswelch  Mar 28, 2022, 12:17pm EDT

"This morning, I received a very blatant spam text offering me “a little gift” for supposedly paying my phone bill. Normally I’d groan, roll my eyes, and quickly delete such a thing, but there was something different about this particular message: it was spoofed as coming from my own phone number. As best my iPhone could tell, it was a legitimate message from me to myself. Tapping into the sender details took me to my own contact card.

Equally frustrating was that I had no obvious way of reporting the alarming spoof to my carrier, Verizon Wireless. Spoofed calls and texts are nothing new; most people face a constant deluge of spam calls that appear on caller ID as from a number similar to their own. But this was the first time I actually got something from my own number. These scammers keep getting more sophisticated.

Turns out I wasn’t alone. More than a few customers on Verizon reported getting similar spam from their respective numbers over the last few days — same for its MVNO Visible — and several Verge employees on other carriers have also encountered them. I posted an Instagram story about it and have gotten plenty of “same” responses. SMS phishing, or “smishing,” has been on the rise in recent years, but there’s something more disconcerting and invasive about it being linked to your own number. It’s all very “the call is coming from inside the house.”


https://www.theverge.com/2022/3/28/22999719/spam-texts-own-phone-number-verizon-att-tmobile

Mar 28, 2022 1:30 PM in response to Billyeee

I found a similar thread on a pixel forum (https://support.google.com/pixelphone/thread/157394941/received-spam-text-from-myself?hl=en). I got the 'bill paid for March' one. Another thread suggested that the user's iCloud got hacked. I verified that no-one was signed in when the message was sent, or any other time around then. Given that its happening on android as well, and all these help threads are from within the last day or so, it seems like a new spam program. The android thread suggests contacting your carrier.

Mar 28, 2022 3:19 PM in response to Kurt Lang

General response to all:


A couple of folks have posted a description of SMS spoofing, so that's the long version.


Short version. It's no different than email spoofing, where you get a spam message from someone you happen to know, but they didn't send it. The spammer spoofed the sender address to make it look like the email came from someone else.


SMS spoofing is the same thing, only for messaging. No, the messages did NOT come from your own phone. Neither your phone or your Apple account was hacked. The spammer spoofed your phone number as the sender. That's all.


Delete the spam and ignore it.

Mar 28, 2022 7:57 PM in response to Billyeee

so its just spam scammers are able to send texts from whatever numbers they want its a smishing link (sms phishing) so dont click the link bc they can steal personal info it has to do with the carrier i have verizon and from what ive seen online its mostly verizon customers dealing with it you can report it to the FCC i think and the report is under “my phone number is being spoofed” theres nothing to worry about though just delete the text

Mar 29, 2022 1:36 PM in response to Billyeee

I just had the same occurrence. Really creepy spoofing going on it looks like.


Going to try and get to the Apple store this week-if I can.



in the meantime, Here is an article about this that was released yesterday.

https://www.theverge.com/2022/3/28/22999719/spam-texts-own-phone-number-verizon-att-tmobile


hope this helps.



And you can’t exactly block yourself if you like to text yourself links and ideas and things like that. So would really love to find a solution! But just wanted you to know that you are not alone! We got the text to sad face! Take care and if anybody else has any updates please share :-)

Mar 30, 2022 9:30 AM in response to Billyeee

Spoofing can happen at any time to anyone. Using your phone number to text yourself is a new method to bypass defenses you have set up to make you follow the link. Your phone considers your phone number safe.


This will have to be blocked at the carrier level and should be done easily. The worry is that some people do text themselves and they will complain if they lose that ability. All spammers need is a range of numbers. They will make it appear that the text is legit by putting the same number in the To and From. This is also happening to Android folks according to some sites on the web. As long as you do not follow the link, you have nothing to be concerned about.


The bad thing is that you must block your own number to block the messages. I don't think anyone will be doing that.


A solution should be coming soon. Until then, report the bogus messages to your carrier or the FCC.

A spam text message appeared from myself

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.