Best practice when affected by SMS fraud - how to detect a scam

SMS fraud poses a significant threat, taking advantage of the widespread use of text messaging to deceive individuals and companies. The consequences of falling victim to SMS fraud can be severe. As a business messaging solution provider, we understand the importance of equipping our customers with the knowledge to navigate the digital landscape safely. This article outlines best practices to identify and combat SMS fraud, along with recommended actions if you've been targeted by a scammer.

Understanding SMS fraud

Recognising and understanding SMS fraud in business messaging is crucial for safeguarding your company and customers. Scammers use text messages to trick people and companies into giving away sensitive information or falling victim to financial scams.  Stay alert and recognise warning signs like unexpected messages to protect yourself and your company from scams. It's important to stay informed and proactive in detecting and preventing SMS fraud to maintain the security and integrity of your operations.

Who are the scammers?

Scammers can be individuals acting alone or members of large global fraud networks. In some cases, individuals within your organisation can be part of a fraud. Scammers often disguise themselves as banks, authorities and large corporations. Some common examples of scam texts; the scammers want to:

  • Help you to stop an ongoing fraud on your bank account
  • Give you a prize that you have "won"
  • Lure you into helping a friend or family
  • Help you protect from a virus or other problem

How to identify potential SMS phishing scams

SMS fraud often disguises itself as legitimate messages from business, making it challenging to discern the malicious intent. However, companies in most cases, e.g., when sending promotions and campaigns, require opt-in from recipients before sending messages. There are certain red flags that, when recognised, can help you stay one step ahead. These are common scam tactics that both companies and individuals frequently come across.


Smishing tricks people into clicking malicious links that can harm their devices or take them to fake websites. To protect your customers from smishing, educate them on the usual content and requests in your company's text messages. 

A typical scam message

SMS spoofing

Spoofed messages impersonate a business by using the same Sender ID, tricking people and harming your brand's credibility. Protect your customers by listening to customer complaints about scammers pretending to be your company. Make sure to inform them about the sender ID your company uses, enabling them to verify the authenticity of messages from your company. In the following scenario, the sender ID "LEKAB" has been protected; however, there is a potential risk as scammers might exploit the unprotected sender ID "LEKAB AB" to deceitfully impersonate LEKAB as a brand.

Short number fake2

Artificially Inflated Traffic (AIT)

AIT is a fraudulent practice involving the mass sending of text messages to mobile phone numbers without the recipients' consent or awareness. This can rapidly escalate costs for companies based on the sheer quantity of messages dispatched. Protect your customers using CAPTCHAs, monitor unusual traffic patterns, and implement security protocols like 2-factor authentication for your systems. 

Actions to take when affected by SMS fraud

At LEKAB, ensuring the security of our customers is our top priority. We employ vigilant monitoring and advanced fraud detection tools to protect against fraudulent activities. However, recognising the dynamic nature of fraud, where scammers will always devise new tactics, we acknowledge that not every fraud can be avoided. As a LEKAB customer, we recommend that you take these actions when targeted by a scammer. 

  1. Contact us immediately so we can deactivate your account and block routes for your protection.
  2. Report the incident to the Police

3. For Swedish customers; forward suspicious text messages to Telekområdgivarna's short number 7726. The numbers correspond to the word SPAM on the phone's keypad and are a globally established number for reporting scam SMS. This way, operators can receive information about the SMS and its content and block the SMS aimed at fraud from being sent to more people.

Common practices to avoid SMS phishing scams

  • Check the Sender ID or number. Exercise caution if the sender's number looks unfamiliar or doesn't match a known contact.
  • Never click a link from a source you are not familiar with. 
  • Never call a phone number in an unexpected SMS or at the behest of someone else.
  • Be cautious of unexpected messages, especially those asking you to stop an ongoing fraud on your bank account. Banks will never call or text to ask you to provide personal details.
  • Check for misspellings and grammar errors.
  • Never provide personal details such as; name, credit card number, pinches, date of birth, or personal ID via SMS.

Read more tips & tricks at Svårlurad on how to avoid SMS phishing scams.

As SMS fraud continues to evolve, staying informed and adopting proactive measures is crucial. By recognising red flags and taking swift action when affected you can protect yourself against the threat of SMS fraud. Remember, your safety and security are our top priorities at LEKAB. Stay vigilant, stay secure. 

Get in touch