Endpoint/Device Security, Threat Management, Compliance Management

FTC highlights robotext scams as industry signals resistance to regulation

According to the U.S. Public Interest Research Group, the number of automated texts sent to American consumers increased from 1 billion a month in June 2021 to 15 billion a month in January 2023. (Image credit: celiaosk via Getty Images)

The Federal Trade Commission is highlighting the most common forms of text-based scams sent to consumers as industry lobbying groups insist newly proposed regulations are unnecessary.

If you receive a text on your phone from your bank, about a job, a gift or a delivery (especially from Amazon), there’s a great chance you’re about to get scammed.

According to the Federal Trade Commission’s latest data released Thursday, fake fraud prevention from scammers impersonating banks are 20 times more common than they were in 2019. In these schemes, victims are asked about suspicious activity around their bank accounts, and when they respond, they receive a call from someone purporting to be from the fraud department recover the funds, but who use their information to transfer money out of their bank account.

Random messages about free gifts or rewards from recognizable brands are also popular, with users paying a “shipping fee” for items or promotions that will never come, while handing over their credit card numbers in the process.

Similarly, messages about package deliveries, whether purporting to be from the U.S. Postal Service, FedEx or UPS, are designed to prey on the same sense of anticipation and mystery victims feel about receiving an unknown item, and often target people who post their resumes on online job boards.

Finally, texts about fake job offers from well-known brands, or security alerts from “Amazon” about unauthorized purchases on your account, round out the top five.

Together, these schemes make up more than 40% of a random sample of text frauds reported to the government last year.

Wireless carriers resist anti-scam robotext regulations

The research comes the same week a telecommunications lobbying group publicly urged the Federal Communications Commission to hold off on pending regulations that would force mobile providers to treat unwanted robotexts the same way they do robocalls and block messages from numbers associated with scammers or fraudulent campaigns.

The FCC has formally proposed and sought comment on a set of new rules that would expand national Do-Not-Call registries to cover unwanted text messages, requiring mobile wireless providers to block at the network level texts from numbers on a “reasonable” list of numbers that have been found to be invalid, unallocated, unused or where subscribers have indicated they were sent without consent and requested they be blocked.

It would also require certain providers to proactively block texts from numbers that have been flagged by the FCC as likely illegal, and ban marketers from claiming they’ve received consent from multiple parties to contact consumers based on a single consent.

The FCC said that in addition to violating consumer privacy and facilitating identity theft and fraud, automated mobile texting can exacerbate and intensify the impact for many of these crimes and facilitate others, like delivering malware.

“Text message-based scams can include links to well-designed phishing websites that appear identical to the website of a legitimate company and can fool a victim into providing personal or financial information. Texted links can also load unwanted software onto a device, including malware that steals passwords, credentials, or other personal information,” the commission wrote in February.

But a petition submitted in response by the Competitive Carrier Association, a lobbying shop representing wireless service providers, and published to the Federal Register this week, presses the FCC not to adopt the rules, saying they would interfere with ongoing industry initiatives to develop (voluntary) best practice standards around filtering unwanted text messages.

“In addition to the work individual wireless providers are doing to protect their customers, the wireless industry works collaboratively with industry partners to develop standards and best practices to find solutions to most effectively block spam texts and calls. These efforts have yielded significant success, but the work is still ongoing,” wrote Angela Simpson, general counsel and senior vice president of legal regulatory affairs, and Alexandra Mays, assistant general counsel and director for the Competitive Carriers Association. “The Commission should therefore refrain from adopting additional rules targeting unwanted text messages at this time to avoid disrupting the work already being done and to avoid putting unnecessary burdens on providers.”

The group also asked the FCC to consider the resourcing of smaller carriers and, if the rules are finalized, give them more time to comply.

Text-based fraud is worse than ever

But anyone with a cell phone today probably has direct experience with just how poorly carriers have addressed the problem of robotext scams in recent years.

According to the U.S. Public Interest Research Group, a consumer watchdog nonprofit, the number of automated texts sent to American consumers has exploded over the past two years, from 1 billion a month in June 2021 to 15 billion a month in January 2023. Last year, more than 1 in 5 fraud cases reported to the FTC involved a scammer texting potential victims.

A 2022 report from Robokillers, a commercial app that blocks unwanted mobile spam and scam messages, estimated that consumers collectively received more than 66 billion robotexts last year and were bilked for more than $9 billion in fraudulent schemes, while noting that many scams go unreported and the true numbers could be even higher.

The FTC cites more modest numbers, saying text-based scams lightened the wallets of consumers by $330 million last year, with the average victim losing around $1,000.

The issue has gotten so bad that 51 Democratic and Republican state attorneys general wrote a joint letter last year endorsing the FCC’s plans, saying they too are receiving increasing complaints while urging the agency to take a harder line with mobile providers.

“As federal and state law enforcement have worked tirelessly to combat the bad actors sending illegal robocalls, as well as the voice service providers that put their proverbial heads in the sand when transmitting illegal traffic to American consumers, we agree with the Commission that bad actors have most likely shifted tactics to take advantage of consumers’ most favored method of communication – text messaging,” the AGs wrote last December.

Derek B. Johnson

Derek is a senior editor and reporter at SC Media, where he has spent the past three years providing award-winning coverage of cybersecurity news across the public and private sectors. Prior to that, he was a senior reporter covering cybersecurity policy at Federal Computer Week. Derek has a bachelor’s degree in print journalism from Hofstra University in New York and a master’s degree in public policy from George Mason University in Virginia.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.