Smishing: A Rising Security Threat?

Internet scam artists are moving beyond the email inbox, bypassing spam filters, and instead targeting consumers directly on their mobile devices via text messages. This new type of scam has been termed "smishing". 

What are smishing scams?

"Smishing" scams are similar in concept to phishing, except these scams are sent via SMS, the technology underlying the typical text message. Just like phishing scams, they often prey on people's panic and fast reactions. Fraudulent messages often appear to be warnings from your bank or other entities about unauthorized charges or access into your accounts.

Companies like Google and Yahoo are getting better at detecting fake email accounts and shutting them down. Users are becoming more aware and growing more suspicious of emails and cybercriminals know it. The next easiest thing for a scammer to do is to go to mobile.

There has been an uptick in activity recently, including a mystery shopping scam going around.  It starts out with a text invitation asking users to become a professional mystery shopper as a way to earn extra cash. To participate in the program users are instructed to send an email for more information, which then gets people roped into providing personal and banking information. These individuals or groups want to take your money and will go to extreme measures to trick you into believing that they are a legitimate business.

Some scammers are sophisticated enough to make their spam messages look like they're coming from a person you know and trust. If you get a weird message from a friend, it's a good idea to call them back on the phone and check if they actually sent the text.

How can you avoid smishing scams?

  • Always remember to think before you tap. 
  • If something sounds too good to be true, it probably is!
  • Make sure to use different passwords for everything from your bank's website and social media apps to your email account.
  • Two-factor authentication and password managers can also be useful.
  • Don’t deposit unknown checks. That fake check you got in the mail? It could bounce, leaving you responsible for bank fees.
  • Never wire money to strangers. Once your money is gone, it can’t be retrieved. 
  • Legitimate companies don’t charge people to work for them – they pay people to work for them.
  • Do your research. Check for resources on reputable mystery shopping companies and pay attention to their reviews and comments. Double check to make sure those comments are legitimate, too. 

If  you get a suspicious text from your bank or credit card company, you should call them back directly to verify the alert, rather than clicking any links (or responding to) these messages. 

Unfortunately, there's no foolproof way to block smishing messages entirely. The best course of action is to stay informed, be vigilant for suspicious texts messages, and think before you tap! 

Related Articles:

ITS Email Newsletter Archive

© 2018 IT Solutions Consulting, Inc. All rights reserved. Privacy Statement
IT Solutions
Top