According to Infosecurity Magazine, SMS fraud losses are set to decline 11% next year, dropping from $80 billion in 2025 to $71 billion in 2026. Juniper Research analyst Ardit Ballhysa explained that diminishing message volumes make it harder for fraudsters to hide their scam traffic within legitimate communications. Improved operator security measures, particularly enhanced firewall capabilities, are also making it increasingly difficult for bad actors to reach consumers. However, the threat landscape remains dangerous with Chinese groups like “Smishing Triad” registering 60,000 domain names for campaigns impersonating US toll road agencies. Security firm SecAlliance also reported that Chinese smishing syndicates may have compromised as many as 115 million US payment cards over a 16-month period.
Sponsored content — provided for informational and promotional purposes.
<h2 id="why-fraud-is-declining”>The silver lining in declining SMS
Here‘s the thing about fraud – it’s a numbers game. When overall SMS volume drops, scammers can’t blend in as easily. Think about it: if you’re sending millions of messages daily, a few thousand scam texts might go unnoticed. But when message volumes shrink, those same scam messages stand out like sore thumbs. This drives up costs for fraudsters and makes their operations less profitable. Basically, the economics of SMS fraud are getting worse for the bad guys. And that’s exactly what we want.
But don’t celebrate just yet
While the overall numbers are improving, the sophistication of attacks is skyrocketing. Phishing-as-a-service platforms are now empowering complete tech novices to run sophisticated smishing campaigns. These platforms handle everything – working across SMS, iMessage, and RCS, offering multiple social engineering lures, and even harvesting OTP codes when criminals try to use stolen card information. The Chinese “Smishing Triad” group’s campaign against US toll road agencies shows how organized these operations have become. Sixty thousand domain names? That’s industrial-scale fraud.
The RCS problem coming our way
Now here’s where things get really interesting. Rich Communication Service (RCS) messages are the next frontier, and they’re packed with features that could become security nightmares. High-resolution photos, rich media, clickable buttons – all perfect for creating more convincing scams. Current security measures that just screen sender IDs won’t cut it anymore. Operators need firewalls with deep content inspection that can actually analyze what’s inside those messages. The challenge? That’s computationally expensive and raises privacy concerns. But without it, we’re basically handing fraudsters a whole new playground.
Where do we go from here?
So is this decline in SMS fraud losses just a temporary blip? Maybe. Fraudsters are incredibly adaptable – when one revenue stream dries up, they pivot to another. The shift toward RCS gives them fresh opportunities, and the phishing-as-a-service model lowers the barrier to entry significantly. The key will be whether operators can stay ahead of the curve with those deep content inspection capabilities Ballhysa mentioned. Because let’s be honest – scammers aren’t going away. They’re just finding new ways to reach us.
