SEC Issues Alert on Phishing, Smishing and Vishing Scams Targeting Investor Accounts

U.S. Securities and Exchange Commission issued a warning to investors on April 23, 2026, about phishing, smishing, and vishing scams targeting financial, investment, or personal accounts. ZeroHedge reported the alert, which defines these scams as methods where fraudsters pose as trusted entities like investment firms, banks, or personal services to trick individuals into providing sensitive information.

Malicious actors then use obtained details such as social security numbers, bank account numbers, ATM PINs, and driver’s licenses to access targets’ accounts. Phishing involves emails that urge recipients to reply, click links to fake websites, or open attachments that install malware.

Fraudsters enhance authenticity by using real names of people, companies, or government agencies, along with email addresses incorporating those names, official-looking fine print, legal references, graphics, and logos.

These emails often create urgency, claiming accounts will close without updates, reporting issues with account or payment information, or promising prizes like monetary rewards. Smishing uses texts or direct messages for similar deceptions, while vishing relies on phone calls to extract information. The SEC's alert aligns with broader efforts to address cyber threats.

President Donald Trump signed an executive order on March 6, 2026, titled 'Combating Cybercrime, Fraud, and Predatory Schemes Against American Citizens,' which defines cybercrime to include phishing scams, ransomware and malware attacks, sextortion, financial fraud, and impersonation.

The FBI's 2025 Internet Crime Report identified phishing as a major financial crime type for that year. The agency’s Internet Crime Complaint Center received more than 1 million complaints from individuals defrauded of money in 2025.