From The Hustle
Recent reports have warned of smishing, but what exactly is it? And how do you know if you’re being smished?
Smishing is one of the “ishing” scams:
- Phishing: scammers send you an email asking for personal info
- Smishing (or SMiShing): the scam comes via a text or messaging app, like WhatsApp
- Vishing: the scam comes via a call or voicemail
Smishing is a new way for cybercriminals to steal money and identities. Scammers act like trusted companies to get victims to hand over their private information. However, the texts are not actually from big-name companies, like AT&T.
They’ll try to fool you into revealing personal info, such as bank details or login credentials.
In the case of smishing…
… the text usually contains a link that, if clicked, will download malware to the victim’s device or direct to a bogus site requesting personal info.
These kinds of scams were hot in 2020, resulting in 241.3k complaints and adjusted losses of $54m+, per a report from the Internet Crime Complaint Center (IC3).
But the biggest red flag? Asking for data at all.
The main message is to stop and think about smishing texts. especially before clicking on a link from an unknown number. Many times the links will send you to a fake site asking for private information.
“No legitimate company, government agency, or organization is going to ask for that data even if they sent you a text message or email,” said Bryan Oglesby from the Better Business Bureau. “So, they create this alert to act now, something’s wrong, oh my gosh there’s a problem with my account. People will click on it. They’re not thinking and then they’ll provide the information when it’s asked of them.”
Oglesby said phone company scams, bank scams, and others are popular. Many people report them to the scam-tracker on a regular basis. One way to spot fake texts is by watching the grammar and tracking the phone number. If texts were to come from a legit company that a person consented to receive texts from, they’d come from a number that the company had texted them on before.
So, what to do?
- Don’t click the link.
- Report the text.
- If you’re unsure, contact the supposed sender of the message directly and ask them if they tried to reach you.