A surge in malicious SMS messages tricking European citizens, especially vulnerable groups like the digitally inexperienced and seniors, has prompted Executive Vice-President Virkkunen to outline the European Commission's strategy to enhance cybersecurity and protect end-users. Telecom providers, national authorities, and consumers are all in the spotlight with potential changes that may impact how SMS services are regulated and policed.
This response was crafted following a parliamentary question from MEP Yannis Maniatis of the Socialists and Democrats (S&D) group amid increasing phishing and smishing threats affecting countries such as Greece.
Virkkunen’s answer references the NIS2 Directive mandating Member States to devise national cybersecurity strategies emphasizing active protection and awareness efforts. The Commission’s recently proposed Digital Networks Act aims to empower the European regulators to issue guidelines reinforcing consumer defenses against fraudulent communications including SMS scams. Additionally, an impending comprehensive action plan on digital fraud, due May 2026, will focus on cross-sector coordination, victim support, and improved law enforcement capabilities.
The policy direction balances between increasing EU-level oversight over telecom operators and national authorities, urging stringent anti-fraud measures while preserving operational flexibility. It stops short of immediate concrete impositions such as SMS fees or mandatory sender ID certification but leaves room for delegated acts to bolster regulations.
Stakeholders impacted include telecom providers who may face stricter compliance and technical safeguards, national cybersecurity agencies tasked with implementing measures, EU consumers who stand to benefit from enhanced fraud protection, and law enforcement entities needing better tools for digital crime prosecution. Some telecoms might perceive new rules as cost and logistics burdens, while consumers gain increased security awareness and recourse.
Institutionally, the Commission’s action plan and possible delegated acts signal a proactive EU stance delivering a framework within weeks to guide digital communications security evolution.
← Atlas › News › Digital & Communication