“Smishing,” a relatively new type of electronic fraud, targets cell phone users. But there are things you can do to avoid becoming a victim.
Many of us have heard of “phishing,” including emails sent by Nigerian nationals who really want to share their newfound wealth – in exchange for our banking and credit card info. Now there’s a new version of phishing. It’s called “smishing” because it involves SMS (text) messages sent to cell phones.
Even though smishing has been around a few years, it’s now more prevalent because so many of us use cell phones. And more of us are using them to do online banking and other financial transactions.
When fraudsters go smishing, they send your cell a text message or automated call that seems really urgent. For example:
• “We confirm that you have signed up for our dating service. You will be charged $2 a day unless you cancel your order on this URL: www.datingsite.com”;
• “ABC Credit Union has deactivated your debit card. To reactivate call urgent: 1-206-555-1212”;
• email@example.com/visa (Card Blocked) Alert. For more information please call 1-877-555-1212;
• “Sale at XYZ store!” Click on the link to redeem coupon: www.xyzstore.com\coupon”
You’re given either a phone number to call back, or a website to go to. Once there, you’ll be asked to “fix the problem” or “claim the reward” by providing personal info and numbers for your bank accounts, PINs, driver’s licenses, Social Security, or credit cards. In some cases, the scammers will start with a benign message to lure you in before smishing begins.
Armed with the information that victims provide, scammers then steal — from bank accounts, charge purchases, create phony ATM cards, you name it. If you end up on a phony website, malicious software can sometimes get downloaded and installed on your cell phone, allowing access to data resident on the phone, including emails, financial information and contacts.
How to Smash Smishing
Be suspicious of phone messages sent to you from “5000,” or any other number that does not look like a phone number. In many cases, the smishing message appears as coming from “5000,” instead of an actual phone number. This usually indicates the SMS was sent by email to the cell phone, rather than from another cell phone.
In addition, always consider the following:
1. Do you know who is sending you this text? (Do you recognize the number or name?). If the answer is No, don’t respond.
2. Does the text request personal information or sound urgent? If the answer is yes, don’t respond. Never reply to a suspicious text message without verifying the source. If the bank is really going to cancel your card, you should be able to call the number on the back of your card to discuss it with them.
3. If you get a message that seems to be from your financial institution(s), stop right there. Then contact that business directly to find out if they sent you a legitimate request. Review the company’s policy on sending text messages to customers.
4. Avoid clicking links within text messages from someone you don’t know. But also be aware that a link could appear from someone you DO know. So always think before you click. The bait is always changing.
If you have been smished, let us know what happened.