Smishing – The name comes from “SMS Phishing.” SMS (Short Message Service) is basically ‘texting’ from cell phones. And Phishing is where scammers send counterfeit emails that look like they come from your bank, eBay, PayPal, or other similar organization to try and steal personal information. Now they have put them together in another attempt to steal your personal information.
Here is how it works. You receive a text message from a recognized business that demands your “immediate attention.” The text will contain either a website or phone number that connects to an automated response system. Some text examples are:
[Name of bank or credit union] is sending this automated text confirming that you have purchased a [item] in excess of $1500 from [name of another company]. If this is wrong, please visit www.xxxxx.com to report the potential fraud.
- [Name of bank or credit union] has deactivated your credit card (or debit card). To reactivate your card call 888-###-####.
- There is a discrepancy with your account records, please call 800-###-#### for details.
- Thank you for signing up for [XYZ Dating Service]. You will be charged $25/month until you cancel your service at www.xxxxx.com.
- Your account with [Name of bank or credit union] has been suspended. Call 888-###-#### for more information and to reactivate your account.
Whatever wording that they use is not important, only that they are trying to get you to visit a fake website or call a bogus phone number pretending to be that business. You are then asked to confirm information. This can include items such as, personal information, SSN, credit/debit card number, CVV code (on the back of your credit card), your ATM card PIN, email address, date of birth, etc.
To hear audio of a Smishing phone call visit Fight Identity Theft.
Some businesses have posted fraud alerts on their website warning about Smishing. Here are a few: Sprint, AT&T, and Wachovia.
TIPS TO PROTECT YOURSELF:
- Never give out any personal information to an unsolicited text message, email or phone call.
- If in doubt, call the institution from a known phone number or from the phone book.
- Don’t click on links embedded in unsolicited e-mails or text messages. They can contain viruses or Trojan horses.
- If you receive a phone email, text message or phone call you can report it to the institution directly by calling the number on the back of your card or account statement or report it to the Department of Homeland Security.
- In many cases, the smishing message will show that it came from “5000” instead of an actual phone number. This usually indicates the text message was sent from email to the cell phone, and not sent from another cell phone.
- And finally, if you use a computer, make sure you have an up to date anti-virus program, firewall, and if possible, email filter.
(First published 7/15/2010)