In April this year Australians lost $14.6 million to scans according to the ACCC Scamwatch — the lowest it’s been since August last year. While the trend is downwards there are disturbing results from the latest reports — SMS phishing (or smishing) is on the rise.

The number of scams reported in April is 20% less than that reported in March and the lowest since July of last year. Investment scams remains remain the most damaging to Australians with it costing Aussies $8 million in April alone. Another big segment was unexpected prize and lottery scams with 67% of monies lost from these a result of using social media as the delivery mechanism.

Although scams delivered via phone calls continued to be the most profitiable and common delivery method for scammers in April (46%), text message delivery increased by 20% from March and up 81% from the same time last year. In all 4,681 text message scams were reported in April, the highest amount in the history of Scamwatch (since 2018).

Proofpoint ANZ area vice-president Crispin Kerr, said:

“While it’s promising to see a reduction in the amount of money lost and the total number of scams reported to the ACCC’s Scamwatch in the past month, we would urge Australians not to get too complacent. Scammers are constantly evolving their attack techniques and tailoring them to current events such as the ongoing pandemic or the upcoming tax time. For these reasons, the next surge of scam activity is never too far away and with this in mind, we would advise people to remain cautious.

The latest figures from the ACCC are consistent with a wider global trend that text messages are becoming one of the most preferred ways for cybercriminals to target victims. In the first quarter of 2020 text messages accounted for 2,924 of all phishing scams reported to the ACCC, while in the first quarter of 2021, this figure has jumped by more than 42% to 4,148.

These types of attacks are commonly referred to as ‘smishing’ (SMS phishing). In smishing texts, scammers will often use fake branding of an organisation such as a company logo, combined with a sense of urgency and usually some form of request for the target to click on a malicious link contained within the text. 

Consumers seem to be more trusting of messages from purported companies received via SMS than by email and thus more likely to click on links within messages. With SMS phishing on the rise it seems this behaviour needs to change.

If you believe you have been contacted by a scammer you should NOT click on any links and report the scam to the ACCC’s Scamwatch. It is imperative that you communicate with businesses and organisations through their official channels only and never give out your personal details to an unsolicited source. With online access continuing to grow it’s a good time to remind each other of the danger of phishing scams.