The Federal Bureau of Investigation has issued warnings regarding the spike in “smishing” scams targeting smartphone users around the world. Smishing has been a threat since the early 2010s but became more prevalent during and after the COVID-19 pandemic.
Smishing is a type of “phishing” that comes in the form of text messages. It involves scammers/fraudsters sending fraudulent messages that are designed to trick their recipients into revealing sensitive information.
The texts take the form of reminders and links to pay for parking violations, road toll collection services, fake delivery service alerts, or links to loan applications that would require the applicants to fill in credit card/account details.
Currently, there are over 10,000 websites dedicated to carrying out smishing in the US alone. The websites are designed to mirror legitimate platforms in look and feel, making it difficult even for tech-savvy users to tell them apart from the real websites.
Many cities in the US are experiencing giant waves of smishing messages. They include Annapolis, Boston, Greenwich, Denver, Detroit, Houston, Milwaukee, Salt Lake City, Charlotte, San Diego, San Francisco, Dallas, Atlanta, Los Angeles, Chicago, Orlando, and others.
The smishing scam is not limited to Android users; iPhone users are targeted as well. Scammers are actively developing techniques to bypass security measures, including those designed to protect iPhone users. This highlights how organized these cybercriminals are and the significant risk they pose to the general public.
In a press release on the 12th of March, the FBI Internet Crime Complaint Center (IC3) reported that there have been 1573 complaints in March so far. That compares to the 1720 complaints for the 14-month period between January 1st, 2024, and February 28th, 2025. Reported losses currently stand at $3,643.42. The actual number of victims is believed to be much larger.
This has driven the FBI to raise awareness constantly on every social media platform and news outlet about the markers of smishing messages, the websites behind the scams and how to identify them, and what to do when such messages are identified.
A report from cybersecurity firm Palo Alto Networks’ Unit 42, covered by Fox News, said, “The scam attacks are operated by local cybercriminals using a toolkit developed by Chinese hacking groups. Notably, research from Unit 42 shows that many of the scam’s root domains and fully qualified domain names used the Chinese “.XIN” top-level domain (TLD).
For example, com-2h98[.]xin, com-ucla[.]xin, com-securebill[.]xin, sunpas.com.ticketao[.]xin, and dhl.com-new[.]xin are a few examples of root domains and fully qualified domains used by this scam group.
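The naming pattern in those example domains can be turned into a simple triage check for incoming texts. The Python sketch below is an added example, not code from the FBI or Unit 42; the rule names, the rule set and the sample messages are assumptions constructed for illustration, using the defanged hosts quoted above.

```python
import re

# Constructed sample messages; the .xin hosts are the defanged examples quoted above.
SAMPLE_SMS = [
    "Unpaid toll balance. Pay now at https://sunpas.com.ticketao[.]xin/pay to avoid fees",
    "DHL: your parcel is on hold, confirm at dhl.com-new[.]xin",
    "Your statement is ready at https://www.example.com/billing",
]

SUSPECT_TLDS = {"xin"}  # TLD named in the Unit 42 research cited above

# Optional scheme, then dotted labels ending in an alphabetic TLD.
HOST_RE = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})(?![a-z0-9-])", re.I)

def extract_hosts(text):
    """Undo the common [.] defanging and return every hostname in the text."""
    return [m.group(1).lower() for m in HOST_RE.finditer(text.replace("[.]", "."))]

def score_host(host):
    """Return the list of heuristic rule names (assumed names) that the host trips."""
    labels = host.split(".")
    tld, rest = labels[-1], labels[:-1]
    reasons = []
    if tld in SUSPECT_TLDS:
        reasons.append("suspect-tld")
    # "com-securebill.xin" style: a label dressed up to read like ".com".
    if any(label.startswith("com-") for label in rest):
        reasons.append("com-prefix-label")
    # "sunpas.com.ticketao.xin" style: a "com" label left of the registered name.
    # The label directly before the TLD is skipped so "example.com.au" is not flagged.
    if "com" in rest[:-1]:
        reasons.append("embedded-com-label")
    return reasons

def flag_message(text):
    """Return {host: [reasons]} for hosts in the message that hit any heuristic."""
    hits = {}
    for host in extract_hosts(text):
        reasons = score_host(host)
        if reasons:
            hits[host] = reasons
    return hits

if __name__ == "__main__":
    for sms in SAMPLE_SMS:
        print(flag_message(sms) or "no indicators", "|", sms)
```

A hit is a reason to verify with the company directly, not proof of fraud, and a clean result does not make a link safe.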
In accordance with FBI recommendations, the following steps should be taken when in contact with any suspicious message or website:
- File a complaint with the IC3 at www.ic3.gov, and be sure to include the phone number that sent the text message and the website indicated in the text.
- Verify information directly. If texts come in regarding unpaid bills or loans, or to resolve any issue, contact the company directly on their official websites or customer care line. Do not use any contact information included in the text.
- Never provide any personal information via text, as no organization will ask for such sensitive information through texts.
- Delete any unexpected/smishing texts received.
- If the text was taken seriously and personal information was provided in response to it, take steps to secure your financial accounts and personal information immediately.
- Ensure your smartphone’s operating system is up to date and has security patches installed. Install antivirus and antimalware software to help detect and block phishing attempts.