Smishing, a form of phishing that uses text messages to deceive victims and steal personal data or trick them into clicking malicious links, is on the rise in Brazil. With the visible trend of mobile devices being used for digital transactions, cybercriminals can exploit potential vulnerabilities to spread malware, access sensitive information, and commit financial fraud. According to a recent survey by Norton, a cybersecurity brand from Gen™ (NASDAQ: GEN), 32% of Brazilians have experienced an attempted scam this year, with 54% of these attempts occurring via SMS. In this context, Norton emphasizes the importance of digital education and protection against scams in the digital world.
“Smishing is a combination of the terms ‘phishing’ and ‘SMS’ (Short Messaging Service) and refers to attacks carried out through fraudulent text messages. Unlike traditional phishing, which occurs via email, smishing exploits the credibility of well-known services to deceive people into sharing sensitive information, such as passwords, credit card numbers, and banking credentials. These attacks can result in identity theft, financial losses, and malware installation on victims’ devices,” says Iskander Sanchez-Rola, Director of Innovation at Norton.
Common smishing scams
There are several types of smishing scams, and here are some of the most common:
- Fake package delivery notifications: one of the most frequent scams, especially during promotional seasons or holidays, involves fake messages from shipping companies like FedEx, UPS, or Correios. These messages alert about issues with package deliveries or request tracking, containing malicious links.
- Financial scams: cybercriminals often impersonate banks or financial institutions to obtain confidential data, such as passwords, credit card numbers, and banking information. The messages typically warn about suspicious activity or request data updates.
- Deceptive confirmations: this scam uses fake purchase confirmations, appointments, or services, leading users to phishing sites where confidential information is requested.
- Fake customer service: in this type of smishing, fraudsters pose as customer service representatives from trusted companies, such as online stores or service providers, claiming there is an issue with the consumer’s account. The messages contain links directing to fake sites where sensitive data can be stolen.
- Fake gifts and prizes: offers of nonexistent prizes, such as giveaways or gifts, are frequently used to lure victims. The messages claim the person has won something but ask them to click a link to “redeem the prize.” This can infect the consumer’s device with malware.
Iskander Sanchez-Rola shares how to stay safe, considering some digital security practices that can help reduce smishing risks:
- Do not share personal information via SMS: never provide sensitive data, such as passwords, credit card numbers, or email addresses, through text messages.
- Verify the source of suspicious messages: be cautious with unknown numbers or unusual formats, especially international ones.
- Use two-factor authentication: this increases the security of your online accounts and adds an extra layer of protection, even if you fall victim to a scam and your password is compromised.
- Avoid clicking on suspicious links or files: an unknown link or file may secretly contain malware or lead to a fake site to steal personal information.
- Contact the institution or company directly to confirm any requests received via SMS.
- Download reliable antivirus software such as Norton 360, which protects against malware, phishing, and other digital threats.
The impact of scams on Brazilians
In Brazil, four out of ten Brazilians (43%) who were targeted by scams ended up becoming victims. Of these (43%) consumers, 77% of the victims suffered financial losses. The average reported loss was R$ 1,211.46, with some cases reaching R$ 40,000.00. Similarly, in addition to financial losses, 33% of victims had their personal data compromised.
The Norton survey also highlights the main scams experienced by people (43%) who fell victim to scams. These include:
- Payment scams (37%)
- SMS and smishing scams (25%)
- Social media message scams (18%)
Methodology
The study was conducted online in Brazil by Dynata on behalf of Gen, from December 5 to 19, 2024, among 1,002 adults aged 18 or older.
