We often get spam messages that are both annoying and dangerous. Cybercriminals use targets' mobile phones to break into accounts and steal personal information, in so-called "smishing" attacks.
Smishing, or SMS phishing, is when a criminal sends malicious text messages containing a link or a number to call back to in order to obtain private information through a fake but genuine looking message.
When a user clicks on the link or calls the number provided in the SMS message, he falls prey to the scam. The practice has been around for years, however, new scams are cropping up every day.
What do I do to avoid smishing attacks?
- Don't click links in text messages, especially if the message is from someone you don't know. But, be aware that attack messages can appear to come from someone you do know, so think before you click.
- Don't respond to text messages that request private or financial information from you or your business.
- If you receive a message that appears to be from your bank, financial institution, or other entity that you do business with, contact that business directly to determine if they sent you a legitimate request. Also, review this entity's policy on sending text messages to customers.
- Beware of messages that have a number that says it is from "5000" or some other number that is not a cell number. Scammers mask their identity by using email-to-text services to avoid revealing their actual phone number.
- If a text message is urging you to act or respond quickly, stop and think about why it's doing so. Remember that criminals urgency as a tactic to dupe you into taking a desired action.
- Never reply to a suspicious text message without verifying the source. If your bank is really going to cancel your credit card, you should be able to call the number on the back of your card to discuss this matter with them.
- Never call a phone number from an unknown texter.
Expect smishing to become more prominent in years to come. The statistics are leaning in the criminals' favor, and it's up to cell phone users to be smart about the ploys.
And remember, always think before you click!
Sources
http://fortune.com/2017/07/07/smishing-scam/
http://blog.nskinc.com/it-services-boston/10_tips_to_avoid_smishing