Since our July blog, which focused on the increase in mobile political spam volume, unwanted political messaging has continued to grow at a rapid pace. Subscriber reports of these messages increased 67% in September compared with June. We can expect the increases to not only continue, but to accelerate as we approach the November election.
As we previously pointed out, most political messaging comes from political action committees, parties and candidates seeking support and donations. Although for many people these messages are a nuisance, they are not typically abusive or fraudulent. The graphic below shows a recent example of an unwanted political message reported by a subscriber.
Sample of an unwanted political message reported in September 2024.
Reported messages are not always just a nuisance, which is why we recommend that mobile subscribers stay vigilant and skeptical of mobile messaging. Subscriber reports of messages classified as smishing, attempting to steal credentials or other personal information, have steadily increased by 11.6% since the beginning of this year’s third quarter (July).
Below is an example of a malicious smishing message. The subsequent graph shows the relative increase in reports of abusive or malicious messages since April of this year.
Sample of malicious smishing message reported in September 2024.
Subscriber reports of smishing, from the start the second quarter 2024.
As in the past, we recommend that you continue to be highly suspicious of mobile messages, including political messages. To stay safe, follow these “do’s and don’ts.”
Do’s
- Be on the lookout for suspicious mobile messages. Criminals increasingly employ mobile messaging and smishing as an attack vector.
- Carefully consider before providing your mobile phone number to an unknown entity.
- Whenever you receive a mobile message that contains a URL (web link), including a political message, do not click on the URL. Instead, use your device’s browser to access the known sender’s website directly. Or use the brand’s app, if it’s installed on your device.
- Report unwanted messaging (spam) and smishing to your mobile network operator (service provider) and the Mobile Abuse Visibility Solution run by Proofpoint. To do this, make use of the built-in iOS and Android reporting features by clicking “Report Junk” on iOS or “Report Spam” on Android devices. If this simplified reporting capability is not available, you can forward the unwanted/spam text messages to 7726 which spells “SPAM” on the phone keypad. These reports help the mobile network operator and Proofpoint protect other subscribers from abusive content.
- Be careful when downloading and installing software to your mobile device. Make sure to read install prompts closely. And pay close attention to information about the rights and privileges that the app may request.
Don’ts
- Don’t respond to any unsolicited political, enterprise or commercial messages from any vendor or organization that you don’t recognize. Doing so often confirms that you’re a real person.
- Don’t install software on your mobile device from any source other than a certified app store from the vendor or mobile network operator.
Check out the latest threat insight blog posts from Proofpoint.
To learn more about Proofpoint mobile messaging solutions, visit the Cloudmark website.