Smishing Statistics: The Menace of SMS-based Phishing Attack

Reading time: 6 min read
Aditya Rayaprolu
Written by
Aditya Rayaprolu

Updated · Jan 02, 2024

Aditya Rayaprolu
Technology Architect | McKinsey & Company | Joined February 2023 | LinkedIn
Aditya Rayaprolu

Aditya is an Azure DevOps and Infrastructure Virtualization Architect with experience in automation,... | See full bio

Girlie Defensor
Edited by
Girlie Defensor


Girlie Defensor
Joined June 2023
Girlie Defensor

Girlie is an accomplished writer with an interest in technology and literature. With years of experi... | See full bio

Techjury is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more.

“Congratulations! You just won a free trip to Hawai! Click here to claim the grand prize!”

If you’re familiar with that dubious line, then you know it’s fake. 

However, unfortunately for millions of victims worldwide, that line marked the beginning of a scamming nightmare.    

SMS Phishing or Smishing is a form of data theft, a cyber crime that’s designed to steal information and money. More than 3.5 billion mobile phone users receive these messages daily, but only about 22% of people aged 18–22 can know about it and its consequences.

Get to know why smishing is gaining popularity with the latest statistics below.

Editor’s Choice

  • Smishing attacks boosted by 700% in the first six months of 2021.
  • Threat actors posing as postal delivery companies sent 53.2% of reported scam text messages.
  • Individuals clicking SMS-based links are between 8.9 percent and 14.5 percent.
  • US phone users received more than 87 billion spam texts in total.
  • Losses amounted to $86 million in 2020.
  • Consumers lost more than $10 billion because of spam texts in 2021.
  • Roughly 14,000 smishing complaints were received in 2020.
  • Around 47 billion spam texts have been sent so far in 2021.
  • Only 23% of users were able to define smishing correctly.
  • The Bank of Ireland paid 800,000 Euros to over 300 customers who had fallen victim to smishing.

How Common Is Smishing?

SMS phishing increased by 13% in 2021. However, data shows that 74% of its victims are companies, not private individuals. 

In 2022, 83% of businesses blamed phishing for most of the cyberattacks they encountered. This is because companies use emails and text messages as their everyday communication channels. Employees are bound to open fraudulent messages that ‘look’ official. 

While fighting off smishing attacks is challenging, staying alert and embracing security measures for this cyber threat are essential.

Smishing Reports Statistics

The average American adult spends over 5 hours on their phone daily. This influx of usage also increased scam incidents done by phone, like spam calls, spam emails, and of course, smishing.

These attacks dramatically rose by 24% in the US alone. Over the previous year, it has been critical for individuals to stay vigilant in protecting themselves from this danger.

As the reliance on mobile phones for communication increases, smishing has been heavily  tailgating behind.

1. Smishing attacks increased by 700% in the first six months of 2021.

(IT Pro) 

 SMS phishing rose 700% in the first half of 2021

2021 was riddled with smishing attacks, alarmingly shot up by 700% for the first six months. This surge is caused by improving sms technology. It has made it easier for attackers to send text messages simultaneously, boosting the efficiency and spread of their operations.

This disturbing craze highlights the significance of user vigilance and robust security procedures against cyberattacks.


Smishing is a social engineering scam cleverly written to make you do what it wants. Scammers who craft phishing texts know the likelihood of a person clicking a message’s link is never zero.

Specifically, the click-through rates range from 8.9% to 14.5%, giving criminals an ample supply of victims if they cast a wide enough net.

For good measure, scammers also engineer these texts as if they come from a trusted source, creating a false sense of security and leading the recipient to click the link without giving it much thought.

3. Roughly 14,000 smishing complaints were received in 2020.


The Federal Communications Commission (FTC) received 14,000 smishing complaints in 2020–– up 146% from the prior year.

These were primarily unwanted text messages sent to the Latino community when the COVID-19 pandemic hit. The texts persuaded the victims to hand over personal and banking information for COVID-19 help from organizations or the government.

✅ Pro Tip

If you’ve fallen into a smishing scam, take a deep breath and plan your next move. First, report the fraud to your local authorities, and file a complaint with the FTC. You can also track down the scammer with the help of lookup tools and other proven methods.

Smishing Damage and Loss Statistics

In 2021, cybercrimes cost the world $6 trillion– and smishing contributed to that heavily.

Smishing perpetrated massive damage and monetary loss for individuals and businesses. The statistics smear a grim picture of people losing millions of dollars and valuable information to scammers.

4. Losses amounted to $86 million during COVID-laden 2020.

(AARP, Proofpoint)

COVID times helped scammers steal $86 million via smishing.

SMS-based scams rose 328% in the middle of 2020. By the end of the year, Smishing managed to steal an accumulated $86 million from victims.

Like what they did to the Latino community, scammers used the chaos of the COVID-19 pandemic to fool more people. They sent fraudulent text messages, pretending to be organizations offering COVID-19 relief assistance, vaccines, and monetary help.

Aside from the financial losses, this occurrence also derailed the people’s trust and confidence in legitimate government bodies that tried to help during the pandemic.

5. Consumers lost more than $10 billion because of spam texts in 2021.

(Consumer Reports)

Individuals lost over $10 billion when approximately 8.7 billion spam texts were sent to US phone numbers in 2021. Unsolicited and deceptive text messages targeted unsuspecting individuals, urging them to buy bogus offers and hand over Personal Identifiable Information (PII).

✅ Pro Tip:

To protect important accounts, check for a multi-factor authentication feature and activate it. This system safeguards better than a single password. It adds extra layers of security and discourages criminals from getting access to your accounts using your stolen PII. 

6. The Bank of Ireland paid 800,000 Euros to over 300 customers who have fallen victim to smishing.

(The Irish Times)

The fraudsters imitated a legitimate entity to mislead individuals into disclosing their PII, resulting in a loss of €800,000.

The cybercriminals successfully conned Bank of Ireland customers to expose their sensitive details and approve transactions, leading to a substantial payout. 

👍 Helpful Article: 

Smishing is just part of a grand list of scams criminals commit online. Knowing the statistics behind other types of cybercrimes keeps you in the loop, further enhancing your ability to protect yourself.


Smishing statistics are vital to understanding how this attack works. By examining its trends and impact, users can study security loopholes and develop effective countermeasures to fight it.

Statistics help enable self-defense strategies to create a safer digital environment for all ages by continuously monitoring how this scam has evolved over the years.


Does less than 35% of the population know what smishing is?

Yes, SMS scams look different and are more challenging to detect.

Why are smishing attacks successful?

It is successful because there is no effective filter for SMS messages compared to emails.

What is the accuracy of smishing?

According to the result of an experiment, smishing has an accuracy of 96.4%.

What is the impact of smishing?

Once cybercriminals access your personal information, they can commit identity fraud and have a long-term impact on your financial well-being and credit score.


Facebook LinkedIn Twitter
Leave your comment

Your email address will not be published.