The IRS warns smishing attacks are on the rise

David Strom 13 Oct 2022

Some of the more potent lures contain links to pages that appear to be banking sites that then ask you to unlock or purchase a credit card.

Smishing, or phishing carried out using SMS text messages, is once again on the rise, according to new reports from the IRS. The agency warned Americans of the situation last month; this warning joins one issued by the FCC back in July. The IRS said the attacks have increased exponentially, especially texts that appear to be coming from the taxing agency.

It's important to note that no matter who you are or what your particular tax situation is, the IRS never communicates with anyone in this fashion, or by email either. “It is phishing on an industrial scale,” said IRS commissioner Chuck Rettig. The agency urges people getting these messages to either forward them to 7726 (that is SPAM on the phone keyboard) or email them to the agency.

Both my wife and I get, on average, several of these scam texts each week on various dubious subjects. They typically are phony package delivery acknowledgements on packages that we never ordered, or offers to send us money out of the blue. We just look at each other and ask, “why are we getting these messages at this moment?” The simple answer is criminals want our money or our private data, or both.

This summer, some of these smishing texts were linked to a special trojan called FluBot. That scam infected more than 60,000 devices and collected millions of users’ phone numbers. The attackers are looking for your banking information, or any personal information that they can subsequently use in another scam to make it more believable. Some of the more potent lures contain links to pages that appear to be banking sites that then ask you to unlock or purchase a credit card. Don’t fall for these!

We've written extensively about these attacks, including this analysis of how the attack actually works and the various scams at work on the Google Play Store. Both of these posts are worth reviewing to gain some insight into the attacker’s mindset and also to understand how hard it is to defend against them. 

What to do to avoid being a victim

First off, don’t respond to any text or email message from scammers: that just encourages them to communicate with you further. Realize that criminals can easily spoof any originating phone number or email address to increase credibility, so be wary of texts from “friends” that you haven’t heard from recently, or don’t usually text. As we like to say, if your gut is saying something is fishy, it probably is.

Pay attention to the message content, and think carefully before you respond to any text message that is requesting something from you. Look for misspellings or odd phrases that indicate a non-native speaker. If a message is trying to compel a particular action or has a sense of urgency, that should also raise suspicion. 

Never click on or download anything from links embedded in the message. Instead, always go to a separate browsing session and bring up the package delivery vendor's site directly. Similarly, if you get an unexpected text from some vendor you actually do business with, call them back on their main office number.

Finally, if you have been duped, file a complaint to local law enforcement and notify your wireless carrier or internet service provider. There are also three places to complain to make the information available to investigators:
