The first half of this year has a tally of more than 8,500 complaints registered as smishing attacks, making the threat significant and steadily rising over time. Asking the Americans to be vigilant, FCC listed tips on how to stay secure against smishing attacks.
SMS-Based Phishing Attacks on The Rise
A general phishing campaign is always thought to be made using an e-mail, where the threat actor embeds his malicious link in the phishing email and asks his targets to interact with it. But over time, scammers have grown to use other forms of communication too, to reach people. And the most common means other than emails are – SMS. SMS-based phishing is called smishing, where the threat actor sends SMS to people with phishing links in them. Scammers intelligently impose a known organization or government agency to convince people to open them and interact as needed. They induce fear in the target to make him click on the phishing link and provide listed details. In most cases, they ask for sensitive information like PII and banking data and use them for other attacks or stealing money. Scammers using smishing generally send messages on claims about unpaid bills, package delivery issues, bank account problems, or law enforcement actions. And such attacks are on a steady rise, warns FCC.
— The FCC (@FCC) July 28, 2022 The Robocall Response Team of the Federal Trade Commission said that they received more than 8,500 reports of smishing until June 2022, which seem to be a growing concern when compared to the annual records of 5,700 in 2019, 14,000 in 2020, 15,300 in 2021 years. FCC tracks the consumer complaints rather than call or text volume to determine the numbers. Since they’re rising, the watchdog listed the below measures to stay secure for citizens;
Do not respond to texts from unknown numbers or any others that appear suspicious. Never share sensitive personal or financial information by text. Be on the lookout for misspellings or texts that originate with an email address. Think twice before clicking any links in a text message. If a friend sends you a text with a suspicious link that seems out of character, call them to ensure they weren’t hacked. If a business sends you a text you weren’t expecting, look up their number online and call them back. Remember that government agencies almost never initiate contact by phone or text. Report texting scam attempts to your wireless service provider by forwarding unwanted texts to 7726 (or “SPAM”). File a complaint with the FCC.
Also, visit the FCC Consumer Help Center and the FCC Scam Glossary for more info.