FBI Issues Warning on Smishing Scams: What You Need to Know

In a recent advisory, the FBI has alerted the public to the rising threat of smishing scams—malicious text messages designed to capture sensitive personal information. As highlighted in a report by Fox 5 DC on March 12, 2025, the agency urged individuals to promptly delete any suspicious messages and file a complaint with the Internet Crime Complaint Center (IC3).

Background on Smishing Scams

This trend first came to light in April of the previous year when the FBI issued a warning regarding scams linked to unpaid toll services. Victims reported receiving messages that demanded payment for outstanding bills, often using similar language to enhance their credibility.

The IC3 defines smishing as a type of social engineering attack where cybercriminals exploit text messaging to induce users to download malware, disclose private information, or transfer money. The term is a blend of “SMS”and “phishing,”clearly indicating the modality and intention behind these scams.

Current Tactics Employed by Scammers

Recent intelligence from cybersecurity experts at Palo Alto Networks’ Unit 42 suggests that scammers are not only attempting to steal credit card and banking details but are also sending out deceptive delivery alerts containing misleading links. The bogus unpaid bills narrative continues to be a prevalent theme, often threatening recipients with penalties if payment is not made swiftly. Notable cities affected by these scams include Atlanta, Chicago, Dallas, Orlando, and Los Angeles, as reported by McAfee.

One victim, Maisha Floyd, recounted her ordeal in an interview with WXYZ Detroit on March 11, stating,

“It was actually professional looking. I didn’t see any red flags with it. I honestly didn’t.”

Preventative Measures Against Smishing Scams

According to Forbes, the FBI’s recent alerts indicate that cybercriminals are leveraging thousands of domains to conduct smishing schemes. Many of these operations are believed to be utilizing tools derived from Chinese cybercriminal networks, with some malicious domains identified as. XIN.

Victims of smishing are encouraged to report the incident to IC3, including the originating phone number and any associated links. The FBI also recommends visiting the official toll service website directly and contacting customer support for verification of any alleged outstanding payments.

The Federal Trade Commission (FTC) advises individuals to utilize the “Report Junk”feature on their mobile devices to flag scam texts effectively. Additionally, users should take steps to secure their accounts in the event of potential information compromise.

Kaspersky emphasizes the online dimension of smishing scams, warning that many fraudulent messages appear to be legitimate bank communications requesting sensitive details like account numbers. Cybercriminals often tailor their messages to resonate with specific target groups, sometimes employing cheap, disposable phones for their operations.

Even users of advanced iOS devices are not immune, as Apple’s security measures do not completely eliminate the risks associated with these attacks. If individuals fall victim to these scams, Kaspersky advises immediate reporting to relevant authorities and changing all account passwords and PINs.

Smishing scams can manifest in various forms, including those targeting COVID-19 relief programs, financial services, promotional gifts, and customer support inquiries. To minimize risk, individuals should verify the sender of any text message, particularly those from unfamiliar numbers, and consider installing anti-malware applications. Moreover, utilizing multi-factor authentication can add an extra layer of security through text message verification codes.

For more insights and a detailed discussion about smishing, please visit the source.