{"id":28331,"date":"2025-03-21T08:42:54","date_gmt":"2025-03-21T16:42:54","guid":{"rendered":"https:\/\/www.spokeo.com\/compass\/?p=28331"},"modified":"2025-03-21T08:42:57","modified_gmt":"2025-03-21T16:42:57","slug":"smishing-scams","status":"publish","type":"post","link":"https:\/\/www.spokeo.com\/compass\/smishing-scams\/","title":{"rendered":"6 Smishing Scams to Watch Out for in 2025"},"content":{"rendered":"\n

\u201cSmishing\u201d might sound like the latest Fortnite dance, but it\u2019s no game.\u00a0 In reality, it\u2019s a variation of phishing<\/a> \u2013 where scammers under the guise of reputable organizations \u201cfish\u201d for personal data \u2013 except the bogus message comes in the form of text messages rather than emails.\u00a0 Short Message Service, or SMS, is the tech that powers many texts; so mash phishing up with SMS and you get smishing.\u00a0\u00a0<\/p>\n\n\n\n

Unfortunately, people have a tendency to be a little more trusting of texts<\/a>, which means that scammers have a higher success rate with text-based rackets \u2013 and that in turn makes smishing rather popular.\u00a0 There\u2019s plenty of smish in the sea, but here are six to watch for in 2025.\u00a0<\/p>\n\n\n\n

<\/p>\n\n\n\n

1. Bogus Delivery Messages<\/h2>\n\n\n\n

Ever since COVID hit, online shopping and delivery services have been in a boom period \u2013 even here in 2025, data from UPS<\/a> indicates that same-day delivery demand is expected to grow by more than 20%.\u00a0 What was once thought to be a pandemic trend might just end up being a \u201cnew normal\u201d staple.\u00a0 Likewise for the type of smishing that increased delivery demand has inspired:\u00a0 bogus \u201cdelivery failure\u201d notifications.\u00a0<\/p>\n\n\n\n

You\u2019ll get a text saying that your package couldn\u2019t be delivered, asking you to click a link (or sometimes, call a number) to sort it out.  The message may appear to come from the delivery company or the seller (often Amazon), but it\u2019s often a trap.  Clicking the link may take you to a fake retail or shipping page where you\u2019ll be prompted to log in \u2013 thus providing smishers with your account credentials \u2013 or perhaps be asked to verify your payment information.  The sketchy site might even skip all that and jump straight to loading malware onto your devices.  In any case, it\u2019s no bueno. <\/p>\n\n\n\n

Similarly, scammers have taken advantage of all that online shopping to send texts that appear to look like shipping updates from USPS, but are in fact smishing attacks. You can check out our full guide to spotting fake USPS text here.<\/a>\u00a0<\/p>\n\n\n\n

2. The Toll Scam <\/h2>\n\n\n\n

Wake up, babe, new scam just dropped:\u00a0 it\u2019s the smishing toll scam<\/a>.\u00a0 In some cities, if you hop on a speedier toll road, your municipality will automatically send you a bill for the service, based on info tied to your license plate.\u00a0 In the toll scam, con artists pretend to be your local toll service, and you\u2019ll get a text prompting you to click a link to pay your \u201coutstanding balance.\u201d\u00a0 Pay that phony bill and, bingo, smishers now have your payment info on file.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/p>\n\n\n\n

Just in the first quarter of the year, the FBI\u2019s Internet Crime Complaint Center received more than 2,000 complaints on this one, so be sure to keep your eyes peeled.  In particular, the FBI warns that truck drivers are popular targets of the toll scam.<\/p>\n\n\n\n

\"understanding<\/figure>\n\n\n\n

3. 2FA Shams<\/h2>\n\n\n\n

Ironically, another popular smishing technique works precisely because people are wising up to very real security concerns.  The truth is, usernames and passwords are inexpensive to purchase via shady online black markets, and once they\u2019re in the hands of criminals, they can be used to take over accounts through a technique called \u201ccredential stuffing.\u201d <\/p>\n\n\n\n

To counter this, more and more apps and sites now require or offer a login option called two-factor authentication (2FA) or multi-factor authentication (MFA).  You know that thing where you enter your username and password, but then need to enter another code texted to your phone?  That\u2019s 2FA \u2013 the first \u201cfactor\u201d is your login info, and the second is the verifying text code.  The 2FA scam works by sending you an authentication code that says someone is attempting to log in to one of your accounts.  There will also be a \u201chelpful\u201d login link to tap, so you can log in to sort it all out.  If only. <\/p>\n\n\n\n

Of course, when you click that link to put a stop to whoever\u2019s trying to scam you, you\u2019ve actually played right into the hands of the scammers themselves.  <\/p>\n\n\n\n


4. Tax-Related Smishing <\/h2>\n\n\n\n

Just like death and taxes, this smishing scam is perennial.  Whether it\u2019s by phone, email, or text, tax-adjacent fraud is a total catnip to scammers worldwide.  You can especially expect tax-related smishing attacks in the US to peak every year in spring when tax time rolls around.  But that doesn\u2019t mean tax-related smishing is exclusive to April, by any means. <\/p>\n\n\n\n

Scammers typically pretend to be from the IRS, and the messages often inform you (in no uncertain and often threatening terms) that you\u2019ve messed up on your taxes, that you owe them money, and that you\u2019ll be in a world of hurt if you don\u2019t settle up post-haste.  Like most smishing and phishing scams, there are plenty of variations on the theme, including some with (phony) links to dispute resolution sites or a warning that your myIRS account may have been compromised \u2013 and that, of course, you\u2019ll need to click a link \u201cto verify the information on file.\u201d  Emphasis on those quotation marks.<\/p>\n\n\n\n

It\u2019s wild that this kind of attack has been so successful for so long, given that the IRS just plain doesn\u2019t contact taxpayers by text message<\/a>.\u00a0 Ever.\u00a0 We\u2019re pretty sure the IRS doesn\u2019t even know what a text message is yet.\u00a0\u00a0<\/p>\n\n\n\n

\"man<\/figure>\n\n\n\n

5. Faux Surveys, Giveaways, and \u201cSpecial Offers\u201d<\/h2>\n\n\n\n

Another evergreen scam that\u2019s still paying those smishing bills in 2025?  The survey, giveaway, or \u201cspecial offer\u201d shakedown.  The thing is, it\u2019s totally true that legit companies do work hard to build engagement with customers with exactly this kind of communication \u2013 and that\u2019s what makes it so easy for scammers to hitch a ride on their coattails with this smishing variant. <\/p>\n\n\n\n

You know the drill:  you get a text inviting you to offer your feedback or enticing you with swag or discounts, and all you need to do is click a link to get there.  If that link doesn\u2019t infect your device with malware off the bat, you\u2019ll surely have to exchange some tasty personal info in exchange for your prize.<\/p>\n\n\n\n

If it\u2019s a brand or retailer you\u2019re actually familiar with, there\u2019s an even better chance of falling victim.\u00a0 That\u2019s why bad actors most often impersonate popular brands<\/a>, with names like Microsoft, Adobe, DHL and Google topping the list.\u00a0 Expect these scams to peak during strategic shopping seasons, like Black Friday\/Cyber Monday<\/a> and the holidays<\/a>, but stay vigilant year-round.\u00a0<\/p>\n\n\n\n

6. \u201cYour Account Has Been Locked\u201d<\/h2>\n\n\n\n

This one is another evergreen favorite, and its longstanding success tells you that it\u2019s insidiously effective.  Think of this one as the opposite of a \u201cspecial offer\u201d scam:  Instead of acting quickly to make something good happen, you\u2019re urged to act quickly in order to prevent something bad from happening. <\/p>\n\n\n\n

Here, a text will typically tell you that your account has been locked<\/a> for one reason or another (i.e. \u201csuspected fraud\u201d or a payment failure, occasionally even \u201cviolation of our terms of service\u201d).\u00a0 To set things straight, you\u2019ll need to \u2013 say it with us, now \u2013 click the embedded link.\u00a0 The beauty of this scheme, at least from the scammer\u2019s perspective, is that if you fall for the setup, they\u2019ve got a plausible reason to ask you for your personal and payment information.\u00a0<\/p>\n\n\n\n

More Hits from 2024<\/h2>\n\n\n\n

Grifters love to play the hits, but just like phishing, smishing messages are virtually limitless in terms of themes and variety.\u00a0 We\u2019d be here till 2026 to list them all, but here are a few more trends<\/a> from the trenches to take note of:<\/p>\n\n\n\n