Smishing, a form of phishing that uses text messages to deceive victims and steal personal data or click on malicious links, is on the rise in Brazil. With the visible trend of mobile devices being used for digital transactions, cybercriminals can exploit potential vulnerabilities to spread malware, access confidential information and commit financial fraud. According to a recent survey of theNorton, cybersecurity brand of theGen™ (NASDAQ: GEN), 32% of Brazilians experienced an attempted scam this year, with 54% of these attempts occurring via SMS. In this context, Norton emphasizes the importance of digital education and protection against scams in the digital world.
Smishing is a combination of the terms 'phishing' and 'SMS'Short Messaging Serviceand refers to attacks carried out through fraudulent text messages. Unlike traditional phishing, that occurs by email, smishing exploits the credibility of known services to deceive people into sharing confidential information, as passwords, credit card numbers and banking credentials. These attacks can result in identity theft, financial losses and installation of malware on the victims' devices, says Iskander Sanchez-Rola, Director of Innovation at Norton.
Common smishing scams
There are several types of smishing scams and here are some of the most common ones
- False package delivery notificationsone of the most common scams, especially during promotional seasons or holidays, involves false messages from carriers like FedEx, UPS or Post Office. These messages alert about problems with package deliveries or request tracking, with malicious links.
- Financial scamscybercriminals often impersonate banks or financial institutions to obtain confidential data, as passwords, credit card numbers and bank information. The messages usually alert about suspicious activities or request data updates.
- Misleading confirmationsthis scam uses purchase confirmations, false commitments or services, leading users to phishing sites where confidential information is requested.
- Service to the fake customerin this type of smishing, fraudsters pose as customer service representatives of trusted companies, such as online stores or service providers, claiming that there is a problem with the consumer's account. The messages contain links directing to fake websites, where confidential data can be stolen.
- Fake giveaways and prizesoffers of non-existent prizes, like raffles or giveaways, are often used to attract victims. The messages state that the person won something, but they ask to click on a link to "claim the prize". This can infect the consumer's device with malware.
Iskander Sanchez-Rola shares how to stay safe, considering some digital security practices that can help reduce the risks of smishing
- Do not share personal information via SMSnever provide confidential data, as passwords, credit card numbers or email addresses, through text messages.
- Check the origin of suspicious messagesbe careful with unknown numbers or unusual formats, especially the international ones.
- Use two-factor authenticationthis increases the security of your online accounts and adds an extra layer of security, even if you are a victim of a scam and your password is compromised.
- Avoid clicking on suspicious links or filesa link or unknown file may secretly contain malware or lead to a fake site to steal personal information.
- Contact the institution or company directlyto confirm any requests received via SMS.
- Download a reliable antivirus softwarehow theNorton 360, that protects against malware, phishing and other digital threats.
The impact of the coups on Brazilians
In Brazil, four in every ten Brazilians (43%) who were targeted by scams ended up becoming victims. Of these (43%) consumers, 77% of the victims suffered financial losses. The average reported loss was R$ 1.211,46, with some cases reaching R$ 40.000,00. In the same way, besides the financial losses, 33% of the victims had their personal data compromised.
Norton's research also points out the main scams suffered by people (43%), who were victims of scams. They are:
- Payment strikes (37%)
- SMS scams and smishing (25%)
- Message scams via social networks (18%)
Methodology
The study was conducted online in Brazil by Dynata on behalf of Gen, from December 5 to December 19, 2024, between 1.002 adults aged 18 or older
