Note: Please do not post Personally Identifiable Information like email address, personal phone number, physical home address, product key etc.
Issue abstract:
Detailed description:
I am getting a Risky Message Alert for secureiis. identityforce. com. This is a legitimate link for IdentityForce.
Product & version number:
Norton 360
Version: 26.11.1.260630610
Norton 360 with LifeLock Ultimate Plus
OS details:
What is the error message you are seeing?
RISKY MESSAGES
+1 617-229-5693
7/4/26
, you have a new IdentityForce alert. Login to secureiis. identityforce. com to view…
If you have any supporting screenshots, please add them:
What is the process for reporting false positives of Risky Message reporting?
Hello @HartmannR
The Risky Message Alert you are seeing is triggered by the Safe SMS / Scam Protection feature in your Norton 360 mobile app. It flagged the text message containing secureiis.identityforce.com because aggressive heuristic security filters often flag subdomains with sensitive words (like “secure”, “identity”, or “login”) as potential “smishing” (SMS phishing) attempts.
You are completely correct: secureiis.identityforce.com is a legitimate, safe, and official login portal used by IdentityForce (a TransUnion brand) for its members.
How to Bypass or Resolve the Alert
Because Norton 360 operates locally on your operating system, it flags suspicious text patterns but cannot automatically delete or modify them without your input. You can manage the alert safely depending on which device you are using:
On an Android Device
Open your Norton 360 app .
Tap Menu at the bottom of the screen and select Safe SMS .
Locate the flagged message from the list.
If you wish to allow or ignore the risk, you can select Visit Anyway or bypass the threat option. Alternatively, if you already read the text and want to clean up your dashboard, press and hold the message inside the Norton menu to Delete the alert history.
On an iOS Device
Open the Norton 360 app .
Go to the SMS/Internet Security tab.
Tap View Details on the specific alert.
Select Allow Access to Site or add it to your trusted list to prevent Norton from flagging it in future text messages.
===
Since the Norton Safe Web portal reports the link as “Safe” , it means Norton’s global threat database already recognizes the website as legitimate. The alert you received was strictly generated by the local SMS scanner on your phone, which flagged the text structure rather than the actual website reputation.
===
A Quick Security Note
While IdentityForce is a legitimate service, scammers often spoof numbers or copy exact login text templates to steal credentials. Because Norton flagged it, always double-check the address bar after clicking View . Ensure it opens to https://identityforce.com and displays a secure padlock icon before typing in your password.
identityforce.com is the main corporate domain, while secureiis.identityforce.com is a specific subdomain dedicated to handling member login data.
===
The phone number +1 617-229-5693 shown in your alert is highly likely a legitimate automated outbound dialing server used by TransUnion / IdentityForce to distribute automated account alerts.
It is completely normal for a regular 10-digit phone number (known as a Long Code) to trigger security alerts.
Why the Phone Number Triggered Norton
Lack of Public Directory Listing: Corporate notification systems rely on automated leased lines. These high-volume digital lines do not appear in public residential white pages or customer-facing contact directories like the official IdentityForce Member Support Line (1-877-694-3367).
Aggressive Fraud Prevention Spikes: Scam protection apps keep a watchful eye out for standard 10-digit numbers sending out security links, because modern scammers constantly lease normal local area codes (like Boston’s 617) to impersonate identity protection companies. Norton flags the text structure defensively until you approve it.
How to Stop the Scanner from Flagging This Number
To ensure you smoothly receive future real-time fraud or credit alerts from IdentityForce without Norton constantly jumping in to stop them, complete these two adjustments:
Add to Phone Contacts: Create a new contact on your mobile device named “IdentityForce Alerts” and add +1 617-229-5693 as the mobile number. Most mobile security scanners automatically skip or trust text traffic originating from numbers explicitly saved in your local address book.
Mark as Not Risky: As seen in your screenshot, make sure to tap that Not risky button. This directly whitelists the combination of that specific 617 phone number and the secureiis subdomain inside your local Norton application rules.
AI sourced content may make mistakes
Caveat: I’m not familiar with identityforce.com
Hello @HartmannR
The Risky Message Alert you are seeing is triggered by the Safe SMS / Scam Protection feature in your Norton 360 mobile app. It flagged the text message containing secureiis.identityforce.com because aggressive heuristic security filters often flag subdomains with sensitive words (like “secure”, “identity”, or “login”) as potential “smishing” (SMS phishing) attempts.
secureiis.identityforce.com is a legitimate, safe, and official login portal used by IdentityForce (a TransUnion brand) for its members.
How to Bypass or Resolve the Alert
Because Norton 360 operates locally on your operating system, it flags suspicious text patterns but cannot automatically delete or modify them without your input. You can manage the alert safely depending on which device you are using:
On an Android Device
Open your Norton 360 app .
Tap Menu at the bottom of the screen and select Safe SMS .
Locate the flagged message from the list.
If you wish to allow or ignore the risk, you can select Visit Anyway or bypass the threat option. Alternatively, if you already read the text and want to clean up your dashboard, press and hold the message inside the Norton menu to Delete the alert history.
On an iOS Device
Open the Norton 360 app .
Go to the SMS/Internet Security tab.
Tap View Details on the specific alert.
Select Allow Access to Site or add it to your trusted list to prevent Norton from flagging it in future text messages.
===
Hello @HartmannR
Risky Messages Alert is submitted using the exact same form as a standard URL False Positive.
Because Norton’s mobile app flags texts based on the links contained inside them, the security engine treats the issue as an incorrect website detection rather than a phone number block.
Why It Uses the Same Portal
URL-Driven Logic: The mobile app’s “Safe SMS” filter flags messages because it parses the text, extracts the link (://identityforce.com), and flags it based on text heuristic rules.
Database Whitelisting: Submitting it via the URL form updates Norton’s global threat database. Once the backend team approves the subdomain, the local mobile app will stop flagging messages containing that address.
How to Complete the Form for a Mobile Alert
When filling out the Norton Submission Portal Form , use these exact parameters to ensure the review team routes it correctly:
Submission Type: Select URL .
Detection Name: Type Risky Messages (or Safe SMS ).
Website URL: Paste https://identityforce.com .
Description Notes: State clearly: “This is a legitimate automated SMS login notification from IdentityForce (TransUnion). The mobile app is flagging it locally as a Risky Message.”
Is There an Alternative for the Phone Number?
If the text alert specifically warns you about the sender’s phone number rather than the link, you handle it inside the app rather than the website portal:
Go to Menu > Safe Call (or Call/SMS log) inside your Norton 360 mobile app.
Tap the specific transaction log entry for +1 617-229-5693.
Select Report and choose Regular to override the local spam reputation score.
AI sourced content may make mistakes
Caveat: I’m not familiar with identityforce.com