Beware of smishing and SMS scams during major shopping events

As major spending events like Black Friday, Black Week, and holiday sales approach, fraudsters ramp up their activity. The simple text message is one of their most effective weapons.

This article contains: 

1. Why smishing scams increase during shopping holiday
2. Common examples and warning signs to look out for 
3. Practical steps to stay safe, for individuals and businesses 
   
   

What is smishing, and why does it spike during shopping holidays? 

“Smishing" refers to SMS-based phishing. These are fraudulent or deceptive text messages designed to trick you into sharing sensitive information, clicking malicious links, or installing harmful apps. 

Download SMS Under Siege” our latest smishing report 

Here are the key reasons why smishing becomes especially common during major shopping events: 

• High volume of online orders and deliveries. When people expect packages, it’s easier for attackers to send fake “shipment delay” or “customs fee due” messages. One survey showed that 49% of Swedes have been exposed to digital fraud or scam SMS, often around delivery times. 
  

• Trusted channels and mobile devices. People often receive legitimate texts from banks or delivery firms. A well-crafted scam SMS can seem normal. Mobile messages also get less scrutiny than email. One mobile phone operator reported blocking over 18 million scam SMS messages in the region during the first nine months of 2024.  
  

• During e-commerce peaks, your risk of receiving smishing messages increases. The sender may appear to be your bank, a courier, or a retailer. Behind it may be attackers trying to access your BankID, account, or credit card. 
   

Typical smishing scenarios around shopping holidays 

Shopping peaks like Black Friday create the perfect storm for fraud. A surge in deliveries, distracted consumers, and overloaded support teams gives scammers more opportunities and more cover.   

 
These are common scam methods used during high-traffic retail periods: 

• Delivery scam. “Your parcel is being held in customs. Pay the fee here [link] or it will be returned. 
  Many recipients are expecting a delivery, making the message feel credible. 

• Bank impersonation. “Suspicious transaction detected. Log in immediately via this link.” 
  This creates fear and prompts quick action. 
• Fake offer from a retailer. “Exclusive 80% off. Click now.” 
  This plays on deal hype and may lead to a fraudulent site or unwanted subscription. 

Best practices to avoid getting scammed during shopping season 

Here are practical tips to stay safe.  

• Be skeptical of unexpected texts. Especially those demanding urgent action. Always verify via official apps or websites. 
  

• Don’t click links in SMS from unknown senders. Legitimate organizations rarely ask you to enter credentials or install apps via text.  

• Never share sensitive info via SMS or by calling numbers listed in a message. Always contact the organization directly. 
  
• Check the sender ID carefully. Spoofing is common. Even familiar names can be faked. 
• Use official apps from banks or couriers instead of relying on SMS links. For example, one courier notes they “normally do not send links to payment pages.” 

Deepen your knowledge! Download " SMS Under Siege: A Five-Year Analysis of Smishing and Mobile Fraud in the Nordics” 

Summary 

As the next shopping season begins, the risk of smishing and SMS-based fraud increases. These messages don’t land in your inbox. They arrive on your phone, just when you're least alert. 

Treat unexpected messages like “Your parcel is held,” “Your account is locked,” or “Exclusive deal just for you” with caution. For businesses, it’s time to prepare, train, and strengthen your defenses, both technical and human. 

Enjoy the deals. Just don’t fall for the trap.