‘Smishing’ text message scam attempts have risen dramatically, says Which?

Reports of smishing in the UK increased by nearly 700% in the first six months of 2021 compared to the second half of 2020.

Vicky Shaw
Monday 13 September 2021 19:01 EDT
Reports of text message scams have jumped in the first six months of 2021, according to Which? (Ian West/PA)
Reports of text message scams have jumped in the first six months of 2021, according to Which? (Ian West/PA) (PA Archive)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Reports of text message scams have jumped in the first six months of 2021, according to Which?

Such “smishing” (SMS phishing) scams often involve texts pretending to be from banks, delivery companies and phone networks.

The consumer group said figures from Proofpoint show reports of smishing in the UK increased by nearly 700% in the first six months of 2021 compared to the second half of 2020.

This has been driven by fraudsters look to take advantage of coronavirus pandemic-related shopping trends, such as people getting more deliveries to their homes, as well as the growth in businesses sending texts to customers.

Proofpoint operates the 7726 text service that enables people to report spam texts for free, and collects data on those reports categorised as smishing.

Smishing attempts have risen dramatically - with fraudsters taking advantage of the pandemic to trick consumers into giving away personal details and transferring their hard-earned cash

Rocio Concha, Which?

The figures suggest there is a three-to-one ratio of parcel smishing attacks to banking smishing attacks. Voicemail smishing – where scammers send a text pretending to have a link to a voicemail – is also a more recent technique.

Which? has published an SMS best practice guide for businesses to help protect their customers from potential fraud – adding major banks and delivery companies such as Barclays TSB DPD and Hermes have agreed to adopt it.

Since establishing its own “scam sharer” tool in March 2021, Which? has received more than 9,000 reports to the tool. Two-thirds (65%) of reports have been phone call or text scams – and 31% have been scam texts specifically.

Which? research found seven in 10 (71%) people say they do not trust text messages from companies to be free from scam risks.

The consumer group suggests that businesses should avoid hyperlinks where possible and not include phone numbers.

Rocio Concha, Which? director of policy and advocacy said: “Smishing attempts have risen dramatically – with fraudsters taking advantage of the pandemic to trick consumers into giving away personal details and transferring their hard-earned cash.

“Businesses must play their part to protect people from scams.”

The findings were released as fraud prevention body Cifas and Mobile UK warned of an increase in “social engineering attacks” on mobile phone users.

Attempts by criminals to impersonate genuine customers of phone companies and hijack their accounts have increased significantly in recent years, they said.

Facility takeover fraud, whereby an existing mobile phone account is taken over by a fraudster, has increased by 88% over the past three years in the telecommunications sector, with over 17,500 instances recorded in 2020.

Fraudsters trick people into disclosing their personal, banking and account details, often by impersonating mobile phone operators themselves and offering upgrades.

Reports have also been received of criminals using other communications methods, such social media platforms, to impersonate mobile phone companies.

Cifas’ head of fraud intelligence Amber Burridge said: “If you receive a call from someone purporting to be a mobile phone company offering you a new mobile phone or an upgrade, always be sceptical and challenge the caller.”

Gareth Elliott, head of policy and communications at Mobile UK, said: “We urge customers to remain vigilant and to help us act by texting reports of nuisance SMS to 7726, and reporting suspicious calls.”

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in