FCC warns of steep rise in phishing over SMS

FCC warns of steep rise in phishing over SMS

After the FCC (Federal Communications Commission) made a huge splash weeks ago when it told Google and Apple to pull TikTok from their respective app stores, the federal agency is now warning Americans of an increased wave of SMS phishing attacks.

SMS phishing, otherwise known as smishing or robotexts (FCC’s own terminology), is a form of phishing that attempts to trick people into handing over their personally identifiable information (PII) and/or money using SMS instead of email, which standard phishing usually starts. The FCC has noted that scammers use various lures to trick someone into replying, giving out their information, or clicking a link.

“Like robocallers, a robotexter may use fear and anxiety to get you to interact,” the FCC consumer alert reads. “Texts may include false-but-believable claims about unpaid bills, package delivery snafus, bank account problems or law enforcement action against you. They may provide confusing information—as if they were texting someone else—, incomplete information, or utilize other techniques to spur your curiosity and engagement.”

What motivates criminals to engage in smishing tactics is to get money and personal information or to simply confirm that the number they’re messaging is active, so they can target it in future scam campaigns.

According to the FCC, it tracks consumer complaints instead of text volume. The agency noted a steady climb of unwanted SMS messages, from approximately 5,700 in 2019 to 8,500 by June 30, 2022. 

A separate study confirmed this, too, but revealed more sobering numbers. RoboKiller, an app that screens scammy calls and messages, found that Americans were sent a mind-blowing 12 billion spam texts in July 2022.

“That’s nearly 44 spam texts for every person in the country!” And the numbers were no different in June and May 2022.

RoboKiller also pointed out in the report that spam texts have outpaced spam calls for two consecutive years. And one of the notable reasons for this is the FCC mandating the STIR (Secure Telephone Identity Revisited) and SHAKEN (Signature-based Handling of Asserted information using toKENs) framework, which was designed to curb spam calls. It’s effective, which is why scammers switched to spam texts.

The FCC posted bite-sized, back-to-back tweets on signs of scam text messages and how Americans can avoid getting scammed.

When you receive a spam text, do not engage with the sender.

Ignore them, but file a complaint to the FCC.

Finally, if you think you were the victim of an SMS text scam, the FCC recommends you report the incident to your local law enforcement agency and notify your bank and mobile carrier.

Stay safe!