Tax Smishing (SMS text-based Phishing)

Introduction

Tax season is stressful enough on its own. Now, some California residents face an extra headache: A wave of smartphone scams (also known as smishing campaigns) designed to trick hardworking taxpayers into handing over sensitive information.

Whether or not you’re in the red zone for this particular wave of attacks, smishing scams can affect anyone—especially during tense and confusing times like tax season.

What can you do to protect yourself from threats like this?

How the Scam Works in Action

Scammers have recently been sending text messages spoofed to look like they’re from California’s Franchise Tax Board (FTB). These messages promise a refund, but only if you click a link and provide your payment or banking details quickly.

These aren’t real refund notices, though. They’re traps set by cybercriminals.

Meanwhile, Attorney General Rob Bonta has publicly warned Californians about this rising threat. He emphasizes that these scams are just one of many ways that impersonators try to pose as government agencies. Assuming the role of an authority figure makes their scams much more convincing. People want to comply, and don’t think twice before sending personal information that the hackers then use to steal financial or personal data.

In California and everywhere else, remember not to click on links in texts claiming to be from government agencies or financial authorities. Rely only on official websites for conducting important business!

What Makes These Messages So Dangerous?

Anyone can be targeted by this type of scammer. A misplaced click can lead to identity theft, financial loss, or long-term damage to your digital and financial health. On top of that, these campaigns are becoming incredibly convincing. It’s not just quickly-identifiable spam; you could easily think these messages are real.

  • Fake Domains: If a message comes from a URL like ftb.ca-nt.cc instead of a .gov website, consider it suspicious.
  • High-Pressure Tactics: Scammers push you to act fast, because urgency can cloud judgment. Messages like, “Claim your refund before it’s gone!” or “There was a problem with your tax return…” can be red flags.
  • Personal Data Requests: No genuine tax authority will ever request credit card numbers or passwords via text message. Real government agencies will direct you to use a secure portal or snail mail.
  • Fake Instructions: Avoid following odd instructions. If a message says, “reply ‘Y’, then close and reopen,” that’s a trick.

Noticing these red flags are the first and arguably most crucial step. Avoid and report these scams when you can, and you’ll make tax season safer for everyone!

Conclusion

This isn’t about placing blame, but rather about staying alert. As these scams get smarter, so must we all. Whenever you see a suspicious SMS claiming to be from the FTB, IRS, or any other official source:

  • Pause before you tap.
  • Check the sender’s domain and look for .gov.
  • Visit official sites directly when in doubt.
  • Share this warning with friends and family, especially people who might be less tech-savvy.

Protecting against scams isn’t just keeping yourself more secure. It’s helping safeguard your entire community, too.

The post When Tax Season Texts Turn Into Smishing Attacks appeared first on Cybersafe.