Taking money: how scammers use SMS bombing against Russians
Fraudsters are introducing a two-stage SMS bombing scheme against Russians, in which the victim's smartphone is flooded with a large number of messages, the Russian Interior Ministry has warned. Such techniques are designed to cause panic among potential victims and to push them into quick, thoughtless actions that benefit the attackers. This Izvestia article explains how scammers use SMS bombing against Russians, how dangerous the technique is and how to protect yourself from the threats associated with it.
What did the Interior Ministry say about the new SMS-bombing schemes?
The press center of the Russian Interior Ministry reported this week that fraudsters are introducing a two-stage SMS bombing scheme against Russians. According to the agency, in the first stage the scammers use special programs.
"During the attack, the victim's phone receives a huge number of messages, allegedly from government agencies, banks, microfinance organizations, online stores and other various online services," the department said.
The content of such messages varies. In particular, they may be disguised as official notifications about an account hack or a loan application. During such attacks the messages also carry various confirmation codes, as well as links to malicious and phishing sites, which usually copy the official websites of banks, the Gosuslugi portal and other resources.
"On phishing pages, the user is asked to enter usernames and passwords to log into banking applications, passport data, bank card data (number, expiration date, CVC)," the Interior Ministry said.
In the second stage of the scheme, the scammers call the disoriented victim posing as representatives of a "mobile operator", ask them to confirm personal data and to read out the code from a message, allegedly to stop the SMS bombing. As a result, the fraudsters gain control over users' devices, infect them with malicious software and steal funds.
Why is the SMS bombing technique of interest to scammers?
Initially, SMS bombing was used as a tool of competition or as a distraction, Alexander Vurasko, Director of Development at the Solar AURA External Digital Threat Monitoring Center (Solar Group), said in an interview with Izvestia. While the victim was dealing with the flood of text messages, their attention was dulled, which opened up opportunities for other attacks.
"For example, attackers could hack a user's page on a social network, because a message about an unauthorized login to the account is much harder to notice among numerous SMS messages," the expert notes.
Such scenarios are still used today, and the example described by the Ministry of Internal Affairs, with a call from scammers allegedly on behalf of a mobile operator, is not uncommon, Alexander Vurasko clarifies. Still, the majority of SMS bombing cases these days stem from a desire to take revenge on or harm a person. According to the expert, there have already been cases in which phone scammers took revenge in this way on people who bullied them during a phone call.
Attackers can use SMS bombing to "punish" a person for a rude conversation, a refusal to interact or attempted resistance, and also as a tool of pressure, manipulation or distraction to convince the victim to give out certain data, adds Sergey Golovanov, chief expert at Kaspersky Lab. Phone scammers are likely to continue using this method, as it does not require complex resources and is easily integrated into various social engineering schemes, he believes.
"Launching such an attack is not difficult: GitHub is flooded with SMS bombing scripts, and in Telegram you can easily find bots that will bombard the victim with hundreds of messages for free or for a small fee," notes Alexander Vurasko.
How SMS bombing schemes may change in 2026
The fraudulent trend of SMS bombing will continue throughout 2026, believes Alexey Luzhnov, head of BI.ZONE AntiFraud. Fraudsters, he said, often use SMS bombing as the first stage of more complex schemes. For example, after a series of messages, a person may receive a call purporting to come from a bank's security service or an online service, with an offer to "urgently resolve a problem" that is allegedly related to a suspicious transaction.
"This scheme can be used in scenarios involving loan processing, transfer confirmation, or an attempt to gain access to a personal account," the expert says.
In addition, fraudsters can first send an SMS asking the recipient to call a specified number themselves, Alexey Luzhnov adds. In this case, the victim becomes the one who initiates the contact, and the conversation takes place over a regular telephone connection, which helps the attackers reduce possible suspicion. When people dial a number themselves, they are less likely to expect fraud and are more willing to engage in dialogue.
SMS bombing may become especially relevant for attackers when Internet access is unstable and people switch to communicating via text messages, adds Vitaly Fomin, head of the information security analyst group at the Digital Economy League. In addition, it can complement the classic telephone fraud schemes.
"A possible option is a call from the bank's support: attackers will insist that suspicious transactions, which are mentioned in the text messages received, are taking place on behalf of the victim, and that the account needs to be urgently blocked by reading out a code for this," says Konstantin Gorbunov, an expert on network threats and a web developer at Security Code.
In 2026, an increase in the number of SMS bombing attacks is expected, since automated services for carrying them out are available to attackers, MTS Defender experts say. Combined schemes are especially dangerous for Russians: a wave of SMS spam is followed by a call asking the victim to turn on screen sharing. In this case, the fraudster reads the code from a real SMS (for example, from a bank) directly from the user's phone.
How to protect yourself from the consequences of SMS bombing by scammers
The target audience of SMS bombing is active users of online services who are aware that accounts are sometimes hacked and have taken care to protect themselves, says Sergey Polunin, head of the Gazinformservice IT infrastructure solutions protection group, in an interview with Izvestia. However, such people often do not have deep knowledge of information security, and it is quite easy to mislead them with a wave of SMS messages, since they have never seen what a real attack looks like, the expert notes.
"SMS bombing damages not only citizens, but also businesses," adds Vitaly Fomin. "Mass sending of authorization messages through forms on a website or in an application can significantly increase the cost of using an SMS aggregator, as well as disrupt a working business model that was built on a predictable load."
To protect themselves from such threats, Sergey Golovanov urges users to remain calm: if you receive a call from a scammer, it is better to listen, say that the offer is not of interest, and end the conversation without entering into conflict or provoking the caller. If the attack has already begun, you should temporarily turn off your smartphone and contact your mobile operator, for example, to temporarily connect an additional number.
The main rule of protection is to do nothing quickly when there is a barrage of text messages, says Yakov Filevsky, an expert on sociotechnical testing at Angara Security. At such times, according to the expert, you must not tell anyone the codes you have been sent, follow links from the messages, install any applications or continue the conversation with the caller.
"Contact your mobile operator and inform them about the SMS attack. Then check your main accounts, for example, banking applications and messengers, to make sure that everything is in order with them. If you suspect something, contact the official support of these resources," the expert concludes in conversation with Izvestia.
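The business-side exposure described above comes from forms that send an authorization SMS on every request. As an added example (not from the article or from any company named in it), here is one way a service can cap such sends per destination number and per client IP; the class name, the limits, the phone numbers and the IP addresses are all constructed for illustration.

```python
from collections import defaultdict, deque

class OtpSendThrottle:
    """Sliding-window cap on authorization SMS sends, per number and per client IP."""

    def __init__(self, per_number=3, per_ip=10, window_s=600, cooldown_s=60):
        # All limits are assumed values for illustration; tune them to real traffic.
        self.per_number, self.per_ip = per_number, per_ip
        self.window_s, self.cooldown_s = window_s, cooldown_s
        self._by_number = defaultdict(deque)  # phone -> times of accepted sends
        self._by_ip = defaultdict(deque)      # client IP -> times of accepted sends

    def _prune(self, q, now):
        while q and now - q[0] >= self.window_s:
            q.popleft()

    def allow(self, phone, ip, now):
        """Return (allowed, reason); only accepted sends count against the limits."""
        num_q, ip_q = self._by_number[phone], self._by_ip[ip]
        self._prune(num_q, now)
        self._prune(ip_q, now)
        if num_q and now - num_q[-1] < self.cooldown_s:
            return False, "cooldown"      # too soon after the last SMS to this number
        if len(num_q) >= self.per_number:
            return False, "number_limit"  # this number already received its quota
        if len(ip_q) >= self.per_ip:
            return False, "ip_limit"      # one client requesting codes for many numbers
        num_q.append(now)
        ip_q.append(now)
        return True, "ok"

def replay(events, throttle):
    """Replay (timestamp, phone, ip) requests; return (SMS sent, blocked counts by reason)."""
    sent, blocked = 0, defaultdict(int)
    for ts, phone, ip in events:
        ok, reason = throttle.allow(phone, ip, ts)
        if ok:
            sent += 1
        else:
            blocked[reason] += 1
    return sent, dict(blocked)

# Constructed traffic: one number requested every 5 s for 10 minutes from rotating IPs,
# and a real user who asks for a second code 90 s after the first.
BOMBING = [(t, "+70000000001", f"198.51.100.{t % 50}") for t in range(0, 600, 5)]
LEGIT = [(0, "+70000000002", "203.0.113.7"), (90, "+70000000002", "203.0.113.7")]
```

Replaying `BOMBING` results in 3 paid messages instead of 120, while the `LEGIT` user receives both codes. In production the counters would live in a shared store so that the limits hold across application instances.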
Translated by Yandex Translate