Smishing, a form of phishing that uses text messages to deceive victims and steal personal data or click on malicious links, is on the rise in Brazil. With the visible trend of mobile devices being used for digital transactions, cybercriminals can exploit potential vulnerabilities to spread malware, access confidential information and commit financial fraud. According to a recent survey byNorton, cybersecurity brand of theGen™ (NASDAQ: GEN), 32% of Brazilians experienced a scam attempt this year, with 54% of these attempts occurring via SMS. In this context, Norton emphasizes the importance of digital education and protection against scams in the digital world.
“Smishing is a combination of the terms 'phishing' and 'SMS' (Short Messaging Serviceand refers to attacks carried out through fraudulent text messages. Unlike traditional phishing, that occurs by email, smishing exploits the credibility of known services to deceive people and make them share confidential information, like passwords, credit card numbers and banking credentials. These attacks can result in identity theft, financial losses and installation of malware on the victims' devices, says Iskander Sanchez-Rola, Director of Innovation at Norton.
Common smishing scams
There are several types of smishing scams and here are some of the most common ones:
- Fake package delivery notifications:one of the most frequent scams, especially during promotional seasons or holidays, involves false messages from carriers like FedEx, UPS or Correios. These messages alert about problems with package deliveries or request tracking, with malicious links.
- Financial scams:cybercriminals often impersonate banks or financial institutions to obtain confidential data, like passwords, credit card numbers and banking information. The messages usually alert about suspicious activities or request data updates.
- Misleading confirmations:this scam uses purchase confirmations, fake commitments or services, leading users to phishing sites where confidential information is requested.
- Fake customer service:in this type of smishing, fraudsters impersonate customer service representatives of trusted companies, like online stores or service providers, claiming that there is a problem with the consumer's account. The messages contain links directing to fake websites, where confidential data can be stolen.
- Fake Giveaways and Prizes:offers of nonexistent prizes, like raffles or giveaways, are often used to attract the victims. The messages state that the person won something, but they ask to click on a link to "claim the prize". This can infect the consumer's device with malware.
Iskander Sanchez-Rola shares how to stay safe, considering some digital security practices that can help reduce the risks of smishing
- Do not share personal information via SMS:never provide confidential data, like passwords, credit card numbers or email addresses, through text messages.
- Check the origin of suspicious messages:be careful with unknown numbers or unusual formats, especially the international ones.
- Use two-factor authentication:this increases the security of your online accounts and adds an extra layer of security, even if you are a victim of a scam and your password is compromised.
- Avoid clicking on suspicious links or files:a link or unknown file can secretly contain malware or lead to a fake site to steal personal information.
- Contact the institution or company directlyto confirm any requests received via SMS.
- Download a reliable antivirus softwareas theNorton 360, that protects against malware, phishing and other digital threats.
The impact of coups on Brazilians
In Brazil, four in ten Brazilians (43%) who were targeted by scams ended up becoming victims. Of these (43%) consumers, 77% of the victims suffered financial losses. The average reported loss was R$ 1.211,46, with some cases reaching R$ 40.000,00. In the same way, in addition to financial losses, 33% of the victims had their personal data compromised.
Norton's research also points out the main scams suffered by people (43%), who were victims of scams. They are:
- Payment scams (37%)
- SMS attacks and smishing (25%)
- Social media messaging scams (18%)
Methodology
The study was conducted online in Brazil by Dynata on behalf of Gen, from December 5 to December 19, 2024, between 1.002 adults aged 18 years or older
