Posted: 1 Min ReadThreat Intelligence

SMS Phishing Attempts Are Riding the Presidential Election Wave

Symantec observed a significant increase in election-associated text messages containing malicious links in run-up to the 2020 election.

SMS-based outreach has become a standard in the political playbook, with candidates and their supporters soliciting financial support, opinions, and votes through texting with increasing frequency and sophistication. In the course of protecting enterprise endpoints, Symantec, a division of Broadcom (NASDAQ: AVGO), has turned up evidence of an increasingly prevalent scam tactic in the run-up to the U.S. presidential election: SMS phishing attempts using bait with campaign, voting, and political themes.

Symantec Endpoint Protection Mobile (SEP Mobile) shields users from SMS phishing attempts by checking URLs found in text messages against the threat intelligence in Symantec WebPulse, part of the Symantec Global Intelligence Network (GIN), and alerting users when the links are suspect.

We took a look at the links contained in SMS messages sent to mobile devices located in the United States between the first week in August and late October 2020 and found a sharp increase during that period in the percentage of election-themed messages containing phishing URLs.

Figure 1. Messages relating to the presidential election 2020 – August 3 to October 19
Figure 1. Messages relating to the presidential election 2020 – August 3 to October 19

Over the last three months, we observed the number of election-associated text messages containing links to websites double. Of these messages, we saw the number bringing the user to a scam/phishing/or attack-associated website increase from 1 in 5 (18.3%) to almost half (48.6%).

These attacks have been observed in all regions of the United States, and target the full range of the political spectrum.

Figure 2. Example election-related SMS phishing messages
Figure 2. Example election-related SMS phishing messages


SMS phishing presents a risk to all smartphone users. In addition to relying on protection like Symantec Endpoint Protection Mobile, it’s a good idea to follow these recommendations:

  • Be suspicious of texts that contain a call to action, such as a link or a request for you to call or text a phone number.
  • Be suspicious of messages that include anything suspicious or out of character, including misspelled words or improper grammar.
  • If you are unsure if a text has come from a legitimate organization, such as a bank or a hospital, for instance, look up their number using directory assistance or other trusted source and call them to check whether they have tried to contact you.

About the Author

Kevin Watkins

Security Researcher

Kevin is a security researcher in Symantec's Modern OS Security (MOS) division. He's constantly researching new and innovative ways to automate discovery of threats impacting mobile users.

About the Author

Shaun Aimoto

Technical Product Owner

Shaun is a member of Symantec’s Security Technology and Response team where he is focused on security research, and innovation on mobile platforms.

Want to comment on this post?

We encourage you to share your thoughts on your favorite social platform.