You may have heard of email phishing, but have you heard of smishing? Smishing (SMS phishing) involves deceptive text messages that try to get you to act or respond.
A typical smishing attempt may seem like it’s from your bank or the IRS and include a link or phone number to bait you into clicking or calling. Fraudsters also adjust their messages based on timing and current events.
For example, scammers know that toward the end of year, families are preparing for the holidays and employees often have insurance open enrollment decisions to make. What would you do if you received a text message like one of these?
If you respond, you stand a good chance of being hooked. And that’s when the scammers get to work, manipulating your personal information, which they can sell and/or use in other scams. Smishers may also try to entice you into downloading malware to your phone.
A seemingly innocent message from an unknown number asking about your kids’ gift wish list or saying they won’t be able to attend a non-existent party could be a pig butchering attempt. These fraud schemes start with an “accidental” message to a wrong number. If you respond, the unknown person will start a conversation and befriend you. Once trust is built, your new friend asks for help by sending them money or tells you about a great new investment opportunity.
Things you can do to avoid becoming a smishing victim include:
- Never click links, reply to text messages or call numbers you don’t recognize.
- Do not respond, even if the message requests that you “text STOP” to end messages.
- Delete all suspicious texts.
- Make sure your smart device OS and security apps are updated to the latest version.
- Consider installing anti-malware software on your device for added security.
- Protect any sensitive personal information – bank accounts, health records, social media accounts, etc. – by using multi-factor authentication to access it.
Validate any suspicious texts. If you get a text claiming to be from a company or government agency, look up the official website for contact information. Call or email them separately to confirm whether you received a legitimate text. A simple web search can thwart a scammer.
Bottom line: Stop before you engage and avoid the urge to respond.
For more information and links to file complaints with the FCC or FTC, go to https://www.fcc.gov/avoid-temptation-smishing-scams.
