What Is Smishing?
Smishing is similar to phishing except the message is sent via text message or SMS. Smishing is especially scary because people are more likely to trust a text being sent more than an email.
Smishers try to get you to provide your personal information.
The information they usually look for can be anything including your social security number, credit card information, and online password.
When the smisher gets your information, they can use it to start applying for credit in your name, access accounts, or numerous other fraud activities.
Examples of Smishing Scams
Most people are aware of email scams and know not to click on any links from unknown people or companies. Sometimes your spam filter catches them and you never see them.
People are less aware of smishing scams and tend to be more trusting when receiving messages on their phone to click a link or to call a number back. These scammers use a mix of social engineering and psychology in order to steal your information.
Text or Call this Number Back
Some victims have reported that they were told that they won a prize, usually some substantial amount of money, and they are asked to call a number and wait on the line to claim it. Once the caller connects, they are convinced to give out sensitive or personal information in order to claim their bogus winnings.
Others may get an unexpected text message appearing to be from their bank or credit card company, informing them that their account has been hacked into and deactivated “for your protection.” The message will tell them to reply or “text back” in order to reactivate their account. This has a few potential dangers.
Malware could be, unbeknownst to you, installed that can silently record and collect usage information in the background. Imagine the kind of damage a scammer to do if you log into your secure apps like financial institutions or password keepers. Or you may just end up with unwanted charges on your cell phone bill for subscriptions or one time charges.
Package Delivery Link
Some texts may even include a link to a fake site that is just a good enough forgery to trick the recipients into trying to log in with their real information.
One of the most common smishing scams is the package delivery scam. This is where a person gets a text on their cell phone telling them about a package that they are expecting from companies like Fed Ex or UPS.
You’re taken to a fake web page and asked to fill out a customer satisfaction survey. When you do, you receive a thank you and an opportunity to claim an expensive product for free as a reward.
To do that you have to provide the scammer with your address and credit card number. Even though the reward is free, the scammer will indicate that you still need to pay a small shipping and handling fee.
The real scam is in the fine print, which most people don’t read and this is where they get you.
By agreeing to pay the small shipping fee, you’re also signing up for a free 14-day trial of the scammer’s products. When that trial is over your credit card will be billed every month for what you thought you were getting for free.
How to Protect Yourself from Smishing Scams
You need to just be as vigilant concerning your text messages as you are suspicious of emails.
- Beware of messages that claim to be from government agencies. Scam text messages from the IRS and Social Security Administration are the most common. The IRS never sends unsolicited text messages or initiates contact via email, text message or social media. The Social Security Administration does allow marketing firms to send emails and texts to raise awareness of their online services. But only if you signed up for it.
- Don’t respond to messages that convey a sense of urgency. These scams imply that you have to respond immediately in order to take advantage of an opportunity or avoid a penalty.
- Don’t be fooled by someone who seems to be familiar with you. These text messages come across as very familiar and friendly. These smishing text messages may use your name. Even though they come from unfamiliar numbers, sometimes it looks like it comes from a number you might recognize.
- Do not click embedded links from suspicious text messages. They could contain malicious code that could infect your cell phone.
- Never respond to suspicious text messages. Even if the message says that you can text “stop” to prevent any more texts coming from them. Doing this just let’s the scammers know that the number is good and you’ll receive more texts.
- Most importantly you should delete all suspicious texts from your phone.
How Can I Protect Myself?
If you receive a suspicious text from an official-sounding entity and want to check it out, don’t use any information from the text.
Instead, call or email the company directly, using a number or email from the real company’s website, or from a recent bill, if it’s a company you regularly do business with.