07 Mar Smishing Scams! Protect Yourself Against Text Message Phishing
How many messages do you receive every day? How many of them are actually scams? We rely on text messages to find out when our packages arrive, get the latest promotions, and be notified when suspicious activities are on our accounts.
Smishing is phishing through text messaging. Scammers use smishing to get personal information using messages that pretend to give bank account updates, package delivery information, and vaccine news. In this article, we will give you some facts about smishing scams, show you some of the more common smishing scams, and, most importantly, give you tips on how to avoid smishing scams so that you can protect yourself.
Facts About Smishing Scams
Smishing scams are closer than you think:
- Up to 98% of text messages are read, and 45% of them are responded to; the action rate is much higher than that of emails (20% and 6% respectively). (Gartner Research)
- Smishing scams grew 29% between March and July 2020. (IT Goverance)
What Does a Smishing Scam Look Like?
Scammers send messages that mimic texts from government agencies, banks, and delivery companies. These messages falsely claim that the receiver has to click on a link to verify account details, update information, or trace a parcel. But the link in the message is actually a phishing link, and the victim is directed to the scammer’s website. Once there, the victim is asked to enter sensitive information like their birth date, address, Social Security number, credit card numbers, or other personal details. The scammer can use this information for account access or identity theft. Sometimes, malware downloads on the victim’s device as soon as the victim clicks the link!
The 3 Most Common Smishing Scams
Scammers fake notifications from delivery companies such as FedEx or UPS using text messaging. Scammers put phishing links in the message and ask recipients to click on the links to verify the delivery address or to confirm acknowledgment of the shipment.
Lots of scammers spoof text messages from banks, and pretend that suspicious activity was found on the recipient’s bank account. They send fake notifications and ask the recipients to click on a phishing link to confirm or resolve any issues. The victim is directed to a fake bank website that asks for financial credentials, like passwords, credit card numbers, or bank account details. With this information, scammers can gain access to the victim’s bank account and steal their money.
Scammers pretend to represent the CDC, FDA, WHO, or medical companies such as Pfizer or Moderna, falsely claiming that the recipient of the text can apply for early access to the COVID-19 vaccine through the link provided. These messages may also pretend to provide the latest news about the pandemic in order to lure people to click a link.
Send screenshots of suspicious messages to Trend Micro Check for immediate scam detection.
4 Tips to Avoiding Smishing Scams
The best way to protect yourself is not to respond to smishing messages. Here are 4 other things that you can do to avoid smishing scams:
- Double-check the sender’s mobile number. Numbers from abroad are a major red flag.
- Reach out to the organization to verify the legitimacy of the text message.
- NEVER click links or attachments from unknown sources. Verify the link with Trend Micro Check!
- Download Trend Micro Mobile Security to protect your phone if you’re concerned that you’ve tapped on any suspicious links.