Five dangerous text SMS phishing scams that are spreading in 2021

Phishing scams have surged during the pandemic and throughout 2021, with an unprecedented number hitting inboxes around the world. This is especially true of phishing scams that are distributed by text (SMS) messages. (Also called smishing.)

These scams have one goal in mind. To lure a recipient into clicking an attached link that will lead to a malicious website. That website will attempt to either trick the visitor into downloading malware or lure them into entering personal and sensitive information about themselves, which will be sent straight to the crook, potentially resulting in identity theft.

In all of these cases, a recipient can avoid being scammed simply by not clicking the link. We look at 5 phishing scams sent through text that have been popular in 2021. And while all of these scams have been sent using text messages, most have versions that are also distributed by email, social media (e.g. WhatsApp) and even through cold calling victims over the phone.

5. Tax rebates relating to COVID relief scam

Messages claiming to offer some sort of tax relief relating to the COVID pandemic have become increasingly popular. They often appear to be sent by the recipient’s tax entity. So for example in the UK the messages appear to come from the HMRC or in the US they come from the IRS. Sometimes they appear to have been sent directly from the government. They urge recipients to click a link to claim their rebate or refund.

The above example was sent in the UK and appears to have been sent by the HMRC.

4. Bank suspicious activity scams

Perhaps one of the most persistent phishing scams is the claim that your bank has detected suspicious activity and needs you to click a link to rectify the issue. It’s a successful social engineering tactic since the thought of crooks accessing our bank accounts is alarming enough to lure victims into making rash decisions.

The above examples target HSBC and Wells Fargo customers but can be used to target any bank customer.

Such scams can also claim a payee was added or a payment attempted to panic recipients into clicking a link, like the below examples.


3. Courier shipping fees scam

Whether it’s DPD, USPS, the Royal Mail or any other courier or postal service, text messages about shipping or custom fees are very common, especially as many are turning to Internet shopping amid the pandemic. The scam texts claim you have a parcel waiting but you need to pay a small shipping free to get it, and you need to click the link to make the payment.

In the above examples, one claims to the from the Royal Mail and the other from UPS claiming the recipients needs to pay either a shipping fee or a customs fee.


Sponsored Content. Continued below...




2. Courier reschedule delivery scam

Similar to the above example, but instead of demanding a shipping fee, the text asks the recipient to click the link to reschedule a delivery. These scams can vary once the recipient clicks the link. The malicious website may then demand a shipping fee (in which case this is the same as the above scam) or they may urge the visitor to enter their personal information, which is then used to commit identity fraud.

The above example uses DPD, but again this can use almost any postal or courier service.

1. Eligible for COVID vaccine scam

As most countries are working to vaccinate their citizens, many are waiting to be invited to have their vaccination. And crooks are taking advantage by sending scam texts claiming they can get vaccinated once they click a link.

These have been particularly popular in the UK which is using a trickle-down approach to vaccinations. The above example claims to be from the UK’s NHS.

While we’ve seen a rise in these five phishing scams sent through text, there are countless other variants. Always play it safe, and never click on links sent to you in messages or emails. It’s better to be safe than sorry. Remember that we’re always warning of specific text and email phishing scams as they pop out of the woodwork, so follow us on Facebook and Twitter to make sure you’re kept up-to-date.