Thousands of smartphone owners are being duped by a wave of fake bank text messages designed to look like official alerts, according to a warning circulated by Comparatel.fr. The campaign has already compromised about 3,000 bank accounts and is aimed at stealing as much as €50 million (about $54 million).
The texts mimic the look and tone of legitimate bank notifications, leaning on the trust people naturally place in messages that appear to come from their financial institution. The alert highlights a troubling reality: even with modern smartphone security, a well-crafted SMS can still push victims into handing over sensitive information.
As cybercriminals refine their phishing tactics, the fraudulent messages are spreading widely and trapping more phone users—raising questions about why these scams can slip past the defenses people assume their devices provide.
A convincing copy of “official” bank alerts
The fraudulent message closely reproduces the format and language of authentic bank notifications. The scammers exploit a basic psychological weakness: people tend to lower their guard when a text looks official. Unlike phishing emails, which can be filtered by mail servers, fraudulent SMS messages can more easily bypass traditional defenses on phones.
The urgency and personal feel of a text—often appearing directly on a locked screen—adds surprise and can short-circuit a recipient’s critical thinking, the Comparatel.fr alert said.
Smishing: why text-message scams keep working
The campaign is a clear example of “smishing,” a blend of “SMS” and “phishing.” Comparatel.fr says these messages are no longer the clumsy, mass-blast attempts common in the 2000s. Instead, they’re increasingly targeted.
Cybercriminals can pull personal data from compromised databases or poorly secured third-party sites, then craft messages that appear to come from the victim’s bank. And because banks often send texts from ordinary phone numbers or anonymized short codes—without a clear, official sender ID—recipients can’t quickly verify whether the message is legitimate.
The compromise chain: from a click to stolen data
The scam follows a familiar but effective playbook. The text typically pushes the recipient to click a link, claiming an urgent account verification is needed or that suspicious activity has been detected.
After clicking, the user is taken to a counterfeit website that replicates the official look of their bank’s online portal. There, victims enter credentials, account numbers, security codes, or biometric-related data. Once captured, the information can be used immediately for unauthorized transfers or identity theft.
Why smartphones still leave people exposed
Even with advanced protections, phones remain a weak point. Users often place too much trust in native notifications because they can feel like they’re coming from the operating system itself. On top of that, warnings in mobile browsers can be subtle—or ignored when a person is stressed by the urgency the message creates.
Comparatel.fr also points to a structural gap: most smartphones don’t offer built-in filtering for sophisticated fraudulent SMS messages that matches the level of anti-phishing filtering commonly used for email.
What the Comparatel.fr alert says about the scale
The Comparatel.fr warning frames the campaign as a reminder that personal security depends less on technology than on constant vigilance. No device—no matter how “smart”—can replace skepticism when a message asks for sensitive information.
Frequently asked questions
How many bank accounts have been compromised? Comparatel.fr says about 3,000 accounts have been compromised, with an estimated target of €50 million (about $54 million).
How do scammers replicate official bank messages? They closely imitate the format and tone of authentic bank notifications to exploit users’ trust in communications from their financial institutions.
Why can fraudulent texts be more effective than phishing emails? Comparatel.fr says SMS messages can more easily bypass traditional phone defenses, and their urgent, personal nature creates a direct notification on a locked screen that can short-circuit critical thinking.
What psychological bias does the scam exploit? The alert says cybercriminals take advantage of people’s lack of vigilance toward texts that appear official, relying on the trust users place in bank-style notifications.
