Insider Threat Management

US Smishing Increases … But Reporting It Just Got Easier

Share with your network!

Recent months have reported record volumes of smishing within the US and worldwide. In the US, threat activity appeared to cool in the early part of the year as volumes decreased in February and March; however, average monthly smishing reports have been over 300% higher since then. At this pace, smishing volume in the US will be nearly 20% higher for 2022 compared to 2021.


Figure 1: Graph of reported abuse classified as smishing

The news isn’t all bad, though. Proofpoint’s Cloudmark division enables customers of mobile network operators (MNOs) within the US and other regions, including the UK to report abuse, spam, smishing and unwanted text messaging. For over ten years, recipients have been able to report this abuse by forwarding messaging to the short code 7726, which spells “SPAM.” These reported messages help make the global mobile ecosystem safer for everyone.

Over the past few years, things have been even easier for owners of Android phones. These devices support simplified reporting that helps users keep their messaging inboxes clean while sending unwanted or malicious messages to their MNO and to Proofpoint.  

And now, with the recent release of Apple iOS version 16, US-based Apple iPhone users have access to the same simplified reporting capability enjoyed by Android users.


Figure 2: Report Junk option in iOS 16

With any US-based iOS 16 device, users can simply report an abusive or unwanted message from an unfamiliar sender by pressing the “Report Junk” option. Reporting a message in this way will mark it as junk/spam and send the message to Apple and our Mobile Abuse Visibility Solution via the MNO’s messaging infrastructure.

Reporting abuse is important as it helps mobile network operators, phone manufacturers and their security partners to protect users. When a message is reported through the system, we create a digital “fingerprint” to improve response against current and future threats, all while maintaining strict user privacy controls. The fingerprint uses both message content and metadata related to the sender and network, and those classified as spam, abuse, or otherwise malicious, are propagated to Proofpoint’s Cloudmark global solutions within 30 seconds. Any smishing matching the fingerprint will then be proactively blocked, improving the ecosystem for over 1.6 billion mobile users worldwide.

With smishing and other forms of mobile messaging abuse on the rise, mobile users should remain vigilant for suspicious text messages across SMS, MMS, RCS, iMessage and other platforms. If you encounter smishing, spam, or other unwanted or abusive content, please use of the Android and iOS reporting features outlined above. If this capability is unavailable, you can still forward spam text messages to 7726, which spells “SPAM” on the phone keypad.

Head to the Proofpoint Threat Hub for more threat insights.