This week, an NBC News report disclosed that numerous New Yorkers were targeted with scam texts following a breach of their state’s official text messaging system by hackers. New York’s Office of Information Technology Services reported to NBC News that approximately 188,000 individuals received text messages from the state, with around 160,000 of them receiving the fraudulent texts.

Scam texts are becoming more prevalent. You may have seen messages from fraudsters soliciting information for a package delivery or alerting you about a questionable charge on your bank account. We have also reported on DMV scam texts, inflation refund scam messages, mistaken number texts, and others.

This latest scam text initiative underscores the escalating seriousness of the problem. A mobile messaging service named Mobile Commons, utilized by the New York state government, Catholic Relief Services, and Fight for a Union, was compromised. Following the breach, the hackers exploited the service to disseminate scam texts to individuals subscribed for updates from these entities.

Mobile Commons stated to NBC News, “On the night of Monday, November 10th, an unauthorized third party unlawfully accessed our platform, likely through a spear phishing attack or a similar social engineering technique. The intruder’s access lasted for a four-hour window concluding at 12:10 AM on November 11th before it was detected and terminated. During this interval, several attempts were made to distribute spam messages using our system. A limited quantity of these messages reached subscribers prior to our security measures identifying and halting the harmful activity.”

NBC News indicated that the scam texts prompted users to dial a toll-free number concerning a denied bank transaction involving a significant sum of money. These transactions did not exist. The hackers aimed to trick targets into calling the number, believing it to be a genuine message from their bank, and then convince them to execute a real transaction to resolve the issue. In truth, that transaction would benefit the scammers.

Mobile Commons reassured NBC News that user data was not compromised during the breach but did not disclose how many subscribers received the scam texts. It remains uncertain how many individuals were deceived by the scam and incurred financial losses.

Mashable recommends that readers never engage with a phone number or link that claims to be from a financial institution. Instead, they should directly contact the bank or credit company using their official phone number to confirm the authenticity of any such text message.