Smishing is using phone text messages to trick people into giving away personal information, account and password credentials, credit card or bank data, and other schemes. What these scams typically have in common is that they will imply a sense of urgency as well as impersonate someone you know or a business that you interact with, such as your bank or a service like Amazon. Cybercriminals like to target text messages because people typically respond more to text messages than any other form of communication.
Here is a list of the most common smishing scams according to the Federal Trade Commission.
Fake Bank Fraud Alert
These text messages will typically ask you if you’ve made a specific high-dollar purchase or did a money transfer that you don’t recognize. And the text may simply ask you to confirm Yes or No about the transaction. Later, you will get follow-up texts and even phone calls claiming that they represent your bank or credit card. And that they want to help you with this fraud. But they may ask you to confirm account information or to reveal other sensitive data. They may even try to get you to transfer additional funds.
Amazon Security Alerts
Similar to the Band Fraud alerts, these text messages claim to be from Amazon and want to “alert” you about some suspicious activity on your account. Or ask you to confirm an expensive Amazon purchase that you won’t recognize. These messages may also include a URL link or phone number that they want you to use to respond to or communicate about this alert. But they will use that as a way to get personal and account information from you. For any service that you have like this, it is always better to open a browser yourself, login to your account and see if there really is an issue, rather than trust a link or phone number from a text.
Free Gift Reward
These “free gift” texts often pitch that you’ve won a free prize. Or that you are being rewarded for something like paying your bill on time, or some other scheme. They are hoping that victims will reveal personal information when they are asked to claim their prize, which will put you at risk for identity theft. Or they may say that there is a small payment to cover shipping costs and they will try to get you to expose your banking or credit card information.
Bogus Job Offer
Cybercriminals often scan employment websites looking for contact information and they will send a text message about a bogus job offer. You should always be suspicious of job offers from a text message. But one easy way to spot a scam is when they offer to send you a check for some amount with instructions for you to send part of those funds to a different address for training, materials, or some other items.
Fake Package Delivery Issues
With the large number of online orders that consumers now do, sending a text about a package delivery might seem very common and not out of the ordinary. Plus, consumers would be motivated to respond because they are usually anxious to get their packages. Cybercriminals often try to impersonate the U.S. Postal Service, FedEx, or UPS. The text will usually claim that there is a problem with making the delivery and will provide a link in the text message for you to resolve the issue. Some scams will simply ask you to pay an additional 30 cents to cover a postage error. But once you give your credit card information, they have all they need to make purchases with your card.
Key points to remember:
- Be suspicious of any text message that asks you to provide personal or account information.
- Do not click on any links or call the number shown in a text message. Instead, open a browser yourself and go to the service website yourself. Or contact the service provider via a known and verified phone number.
- And one of the best ways to avoid Smishing is by not responding to any text message unless it is from someone that is already in your phone’s Contact List.
