Unexplained Surge In Robotext Scams

The US Federal Communications Commission (FCC) has reported increases in complaints due to scam robotexts and it says that Americans received more spam texts in 2021 than ever before. 

Robotext scams are rapidly increasing and could be more than robocalls as a current method of fraud. These are automated Text messages used to mask the originating number and make it appear that the text is coming from a number the recipient is likely to trust. 

Scammers use these methods to get you to respond to a text and the criminals may opt for a local number, or impersonate a government agency, such as the IRS, or a company you’re familiar with. Many of the scam texts contain messages regarding fake unpaid bills, bank account issues, and package deliveries. In addition, some of the scams pretend to be texting someone else.

The FCC tracks consumer complaints, and found that the number of complaints have risen from 5700 in 2019 to 15,300 in 2021. The FCC says that the amount of scam texts from robocall and robotext blocking services are increasing alongside the scam texts. Texas is a hotspot where users received over 10 billion fake messages. 

According to the anti-spam platform RoboKiller, Americans got 12.02 billion scam texts in June alone. The volume of spam texts rose 58% to 87.85 billion last year.

In June 2021, the FCC mandated the use of an anti-spoofing technology called the Secure Telephone Identity Revisited (STIR) protocol, and its implementation framework, Signature-based Handling of Asserted Information using toKENs (SHAKEN).  These anti-spoofing technologies are intended to stop scammers by applying digital signatures to telephone numbers from calling parties on Session Initiation Protocol (SIP) networks, although this technology only works with voice calls, not text messages.

Text-based scammers are typically trying to gain personal information about the recipient that can be exploited for financial gain - payment card numbers, proof of identity and other personal details. 

The FCC previously mandated the use of anti-spoofing technology to stop scammers by applying digital signatures to telephone numbers. This means that targets often receive phone calls that state “scam risk” and are therefore more aware of the nature of that call. The technology only applies to voice calls, not text messages. 

The FCC has  warned people to avoid responding to suspicious texts or clicking on any links they might contain. They can forward unwanted texts to SPAM (7726). "Scam text message senders want you to engage with them...  a robotexter may use fear and anxiety to get you to interact... Texts may include false-but-believable claims about unpaid bills, package delivery snafus, bank account problems, or law enforcement actions against you. They may provide confusing information, as if they were texting someone else, incomplete information, or utilise other techniques to spur your curiosity and engagement." the FCC has said.

Some scammers are usually after your money, others may simply be trying to collect personal information or confirm that a number is active for use in future scams.

The FFC advice is not to respond or click on any links in the message. If you think a text might be legitimate, you are advised to look up contact information separately and contact the company, government agency, or law enforcement directly.

FCC:     Robokiller:     Secureworld:    Unified Guru:    Oodalop:      Infosecurity Magazine:    TEISS:   

You Might Also Read: 

Two Million Extortion Emails Blocked Every Day:

 

« Dealing With Cyber Security Threats Is Hard Work
Update: British NHS Confirms A Damaging Software Attack »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

SafeUM Communications

SafeUM Communications

SafeUM Secure Messenger is an encrypted secure communications protection mechanism for instant messaging.

SiteLock

SiteLock

SiteLock is a global leader in website security solutions. We provide affordable, cybersecurity software solutions designed to allow small to midsize businesses to operate without fear of an attack.

TSUNAMI

TSUNAMI

The TSUNAMi center focuses on software and system security and how trustworthy software can be built from COTS software components.

Compass Security

Compass Security

Compass Security is a specialist IT Security consultancy firm based in Switzerland. Services include pentesting, security assessments, digital forensics and security training.

Cologix

Cologix

Cologix provides reliable, secure, scalable data center and interconnection solutions from 24 prime interconnection locations across 9 strategic North American edge markets.

ES2

ES2

ES2 is a consulting organisation specialising in Enterprise Security and Solutions Services.

Aergo

Aergo

Aergo offers an easier and more proven way to adopt blockchain and transform your business while building on your existing IT and cloud assets.

Ampliphae

Ampliphae

Ampliphae gives you an easy-to-deploy, sophisticated and affordable cloud-discovery, security and compliance platform.

Carve Systems

Carve Systems

Carve Systems was founded to bring enterprise level information security, training, and risk management services to organizations of any size and industry.

SecondWrite

SecondWrite

SecondWrite’s next-generation malware detection engine delivers a combination of automatic deep code inspection and accurate scoring of zero-day malware.

Blacksands

Blacksands

Blacksands is a leader in network architecture, identity & services management, threat analysis, industrial IoT architecture, and invisible dynamic networks.

Purple Knight

Purple Knight

Purple Knight is a free Active Directory security assessment tool built and managed by an elite group of Microsoft identity experts.

Resilience Cyber insurance

Resilience Cyber insurance

Resilience helps to improve cyber resilience by connecting cyber insurance coverage with advanced cybersecurity visibility and a shared plan to reinforce great cyber hygiene.

NexGen Cyber

NexGen Cyber

NexGen Cyber helps customers in commercial SMB markets with IT security, security integration, service management, outsourced service transition, and transformative security solutions.

Kusari

Kusari

Securing your software supply chain starts with understanding. Kusari is on a mission to bring transparency to your software supply chain and power secure development.

DOT Europe

DOT Europe

DOT Europe is a consensus based organisation which brings a diverse membership together to agree on their collective stance on EU tech policy.