The Rise of Smishing Scams in the Digital Age

By: Gonipalli Bharath, Vel Tech University, Chennai, India, International Center for AI and Cyber Security Research and Innovations, Asia University, Taiwan, Gmail: gonipallibharath@gmail.com

Abstract:

Smishing, a portmanteau of SMS phishing, has emerged as one of the serious cybersecurity threats in this ever-evolving landscape of digital communication. It is a malicious technique in which cyber criminals send fake text messages and fool people into giving away sensitive information, such as passwords, banking details, or personal identification numbers. This article looks at the most recent increase in smishing scams, including the methods they use, their effects, and possible countermeasures. The objective is to further elaborate on the concept of smishing and how it impacts society in the digital age using case studies, statistical trends, and mitigation strategies.

Introduction:

The widespread use of mobile devices has made it easier and faster to communicate with others. In turn, it has also opened up new avenues for cybercriminals. One such cyberattack is smishing, which plays on the trust and urgency of mobile users. Traditional phishing usually targets email users, but smishing is based on text messages. These messages most of the time appear to come from trusted sources, like banks, delivery services, or government agencies, and urge the recipient to take immediate action.

The increasing popularity of smishing creates a significant vulnerability for both companies and people. According to reports in cybersecurity, smishing scams have grown drastically for the last decade [^[1]]. This might be because smishing attacks can be mounted without much investment or at a lower cost with heavy returns and general users’ lack of awareness about unwanted texts. Smishing remains an ever-present danger because technology continuously evolves, new methods of attack by cybercriminals appear, and thereby smishing persists.

Literature Review:

Several studies indicate that smishing scams have been growing alarmingly in the recent past. For example, a report by Lookout, a leading cybersecurity firm, the global number of smartphone users in 2016 accounted for 2.7 billion. In the year 2022, the amount increased to 6.5 billion and is estimated to reach more than 7.7 billion by the year 2027. The change that has been brought forth in mobile devices is that from luxury it has become a requirement. Not only smartphones have confidential information regarding photographs, emails, and social network profiles, but they are also used frequently to pay for utilities and conduct financial transactions through online stores [^[2]]. The reason for this, according to the report, has been the increase in the use of mobile devices both for personal and professional communication.

Researchers have identified various kinds of smishing, considering the modus operandi used. This is like a mode of operation or pattern of illegal behaviour so distinguishable that separate crimes or improper conduct are recognized as the work of the same individual.

Common categories include prize scams, which involve promising a victim some form of reward; bank alerts, relying on fear tactics in order to get the users to give out account information; delivery scams, taking advantage of high online shopping usage; and subscription scams, in which users are warned about unauthorized charges [^[3]].

An important finding made by the anti-smishing campaign group was on the psychometric dimensions of smishing-the ways these messages are exploiting human emotions based on urgency, fear, or curiosity [^[4]]. That “suspecting a wrong banking action”, or some similar story, may spark an immediate urge in the minds of victims who often respond to unknowingly leak personal and sensitive information.

Methodology:

This study has used a mixed-method approach to understand the dynamics of smishing scams.

• Quantitative Analysis:

Frequency and other details related to the incident of smishing attacks have been retrieved from cybersecurity reports, government databases, and surveys. Such data allows the understanding of time trends and geographical distribution.

• Qualitative Analysis:

Victims of smishing fraud were interviewed to understand their experiences, perceptions, and the psychological impacts of such an attack. Case studies were considered for understanding patterns in the ways of smishing.

• Comparative Analysis:

A comparison analysis was made to identify regional differences in smishing tactics. While bank-related smishing is more prevalent in developed nations, delivery-related scams are present in regions where online shopping is very active.

• Technical Review:

The study reviewed the technological implements of the attackers, such as spoofing tools and systems for automated messaging, as well as those deployed by the defenders, including anti-smishing software and network-level filtering systems.

The common categories of smishing frauds are listed below:

Types	Tactic	Example
Prize Scams	The assurance of winning.	You’ve won $1000! To make a claim, “Click here”
Bank Alerts	Urgent warnings on regarding account security.	A suspicious login was discovered, “Verify here”
Delivery Scams	Fraudulent delivery updates.	Your package is on hold “update the information now”
Subscription Scams	Unauthorized charges claim.	You have been charged $50, “Cancel here”

Results and Discussion:

The review identified the following key issues:

• Increasing of attacks:

Because attackers are using automated techniques to deliver messages in large quantities, smishing scams have increased in frequency.

• Complexity:

Cyber-criminals employ advanced practices such as URL shortenings and fake websites with similar functionalities to their intended legitimate website platform.

• Low Awareness:

While the threat is growing, a large proportion of people are unaware of smishing. Many users do not recognize the red flags of fraudulent messages.

• Economic Impact:

The cases of smishing scams have resulted in billions of dollars in losses each year. Victims not only lose money but also face the risk of identity theft.

Conclusion:

The rise in smishing scams requires a multi-pronged approach in the way cybersecurity is carried out. Awareness creation among users, especially on the dangers of unsolicited text messages and how to identify fraudulent content, is very key. Technological solutions, including spam filters and two-factor authentication, can also play a major role in preventing the attacks. Organizations should be well ahead in offering their customers safety through robust security measures and updates on any kind of threat likelihood. Tighter regulations will also need to be implemented by governments in order to prevent cybercrimes and improve collaboration between various players. As the way of communication changes over time, it will be important to fight smishing scams continuously and innovatively.

References:

1. Alkhalil, Zainab, Chaminda Hewage, Liqaa Nawaf, and Imtiaz Khan. “Phishing Attacks: A Recent Comprehensive Study and a New Anatomy.” Frontiers in Computer Science 3 (March 9, 2021). https://doi.org/10.3389/fcomp.2021.563060.
2. Goenka, Richa, Meenu Chawla, and Namita Tiwari. “A Comprehensive Survey of Phishing: Mediums, Intended Targets, Attack and Defence Techniques and a Novel Taxonomy.” International Journal of Information Security 23, no. 2 (April 1, 2024): 819–48. https://doi.org/10.1007/s10207-023-00768-x.
3. “Human Factors in Phishing Attacks: A Systematic Literature Review | ACM Computing Surveys.” Accessed January 8, 2025. https://dl.acm.org/doi/abs/10.1145/3469886.
4. Pinjarkar, Latika, Pawan Rajendra Hete, Mahantesh Mattada, Santosh Nejakar, Poorva Agrawal, and Gagandeep Kaur. “An Examination of Prevalent Online Scams: Phishing Attacks, Banking Frauds, and E-Commerce Deceptions.” In 2024 Second International Conference on Advances in Information Technology (ICAIT), 1:1–6, 2024. https://doi.org/10.1109/ICAIT61638.2024.10690377.
5. Deveci, M., Pamucar, D., Gokasar, I., Köppen, M., & Gupta, B. B. (2022). Personal mobility in metaverse with autonomous vehicles using Q-rung orthopair fuzzy sets based OPA-RAFSI model. IEEE Transactions on Intelligent Transportation Systems, 24(12), 15642-15651.
6. Lv, L., Wu, Z., Zhang, L., Gupta, B. B., & Tian, Z. (2022). An edge-AI based forecasting approach for improving smart microgrid efficiency. IEEE Transactions on Industrial Informatics, 18(11), 7946-7954.
7. Rahaman M. (2025) Understanding Smishing: An Introduction to Mobile Phishing Threats in the Digital Age, Insights2Techinfo, pp.1

Cite As

Bharath G. (2025) The Rise of Smishing Scams in the Digital Age, Insights2Techinfo, pp.1

825600cookie-checkThe Rise of Smishing Scams in the Digital Ageyes