Improved operator security and a decline in overall messaging volumes will help to drive an 11% decrease in SMS fraud losses for consumers next year, according to Juniper Research.
The analyst predicted that subscriber losses to smishing, account takeover and other cyber-threats will shrink from $80bn in 2025 to $71bn in 2026.
“The value of SMS is declining for fraudulent players,” explained Ardit Ballhysa, senior research analyst at the firm.
“Diminishing message volume make it more difficult to conceal fraudulent traffic in legitimate traffic; driving up costs and eroding monetary gains for bad actors.”
However, operator efforts at improving the security of their services are also likely to bear fruit – notably, enhanced firewall capabilities which are making it increasingly difficult for fraudsters to reach end users with their scam messages.
Read more on SMS threats: Experts Warn of “SMS Pumping” Fraud Epidemic
This is not to say that SMS fraud is now under control.
In April, security experts warned of a new campaign from China-based threat group “Smishing Triad” which impersonated US toll road agencies like FasTrak, E-ZPass and I-Pass.
The group is said to have registered 60,000 domain names to support the campaign, spamming out millions of messages to consumers demanding payment for non-existent toll bills.
A few months later, a report from SecAlliance claimed that Chinese smishing syndicates may have compromised as many as 115 million US payment cards over a 16-month period.
Phishing-as-a-service (PhaaS) platforms are empowering even tech novices to generate revenue from such scams.
They do all the heavy lifting, working across SMS, iMessage and RCS, and offer multiple social engineering lures. They even harvest OTP codes when the threat actor attempts to provision stolen card information to digital wallets on attacker-controlled devices, the report claimed.
RCS the New Frontier in SMS Fraud
Rich Communication Service (RCS) messages enable users to share high-resolution photos, rich media, clickable buttons and more. Juniper Research believes the standard could also open the door to a new breed of mobile threats.
To ensure they’re not caught on the back foot, mobile operators must deploy firewalls with deep content inspection rather than merely screen sender IDs. This will enable them to detect malicious links and content within RCS messages, the analyst said.
“Deep content inspection will allow operators to identify emerging fraud patterns in real time,” Ballhysa noted.
“By analysing message content, rather than just the source, operators can not only block new fraud vectors faster, but also better protect subscribers as traffic shifts toward RCS.”