Most people are aware of phishing – or email scams – but they may not realize scammers can also target them with deceptive text messages sent to their smart devices. It's called "smishing": a mashup of SMS – for "short message service" – and phishing.
Smishing scams are becoming more commonplace, according to recent news reports from Fort Myers, Fla., Buffalo, N.Y. and Canton, Ohio.
A typical smishing scam message may seem like it's from a bank – maybe your bank – and include a link or phone number to bait you into clicking or calling. If you do, you stand a good chance of being hooked. And that's when the scammers get to work, manipulating your personal information, which they can sell and/or use in other scams. Smishers may also try to entice you into downloading malware to your device.
The tech blog Krebs on Security recently shed light on a particularly nasty smishing scam in Ohio that led to thieves siphoning cash from new "cardless" ATMs accessed by smartphones. Such scams are particularly effective in their use of deceptive tactics to manipulate victims, according to a recent article in betanews. "Criminals love smishing because users tend to trust text messages" more than email, the betanews article explained.
Things you can do to avoid being a victim of a smishing attempt include:
- Never click links, reply to text messages or call numbers you don't recognize.
- Do not respond, even if the message requests that you "text STOP" to end messages.
- Delete all suspicious texts.
- Make sure your smart device OS and security apps are updated to the latest version.
- Consider installing anti-malware software on your device for added security.
Validate any suspicious texts. If you get a text purportedly from a company or government agency, check your bill for contact information or search the company or agency's official website. Call or email them separately to confirm whether you received a legitimate text. A simple web search can thwart a scammer.
Bottom line: Stop before you engage and avoid the urge to respond. According to the FBI, Americans lost more than $1.4 billion to cybercrime in 2017, and a significant portion of that is attributed to personal data breaches, identity theft, confidence fraud and credit card fraud totaling hundreds of millions of dollars.
If you think that you are a victim of smishing, you should contact law enforcement to report the scam. You can also file a complaint with the FCC at no cost. Read the FCC Complaint Center FAQ to learn more about the FCC's informal complaint process, including how to file a complaint, and what happens after a complaint is filed.
Additionally, you can file complaints about consumer fraud with the Federal Trade Commission.