Phishing scams come in all shapes and sizes, but they all have one thing in common: they’re an attempt to steal your personal information. According to the Federal Trade Commission (FTC), smishing is on the rise. And, according to AARP, in 2020, text messaging scams cost Americans $86 million.
WHAT IS SMISHING?
Smishing is a type of phishing scam that uses text messages instead of emails to try to trick you into giving away your personal information. Like regular phishing scams, smishing texts are social-engineering schemes that try to fool you into believing that you need to take some action—usually clicking on a link or providing sensitive information—to keep your account open or reactivate it.
But just like phishing emails, it can be difficult to differentiate smishing texts from legitimate messages. So, how do you protect yourself from becoming a victim of this growing scam? Here are a few tips.
While a text may seem perfectly normal, it could be from someone with malicious intent. They may want to steal your identity, bank account number, or other sensitive information.
For instance, you might receive a text that appears to be from a business you deal with, like your bank, mobile provider, or a tech service like Netflix or PayPal. It claims your account has expired or been locked on some pretext, possibly suspicious activity. You need to provide personal information or click on a link to reactivate it, allowing the scammers to steal your money or identity or infect your device with malware.
IS IT A LEGITIMATE TEXT?
The problem is that it’s difficult to differentiate between scams and important texts.
But an unrequested verification code is a red flag warning that someone is attempting to log into your account.
It may be a sign that your account and password have been hacked. So, that would be a good time to log in to your account and update your password. Make sure the password you’re coming up with is solid and original.
FAKE BANK TEXTS
Of course, some accounts are much more important than others. A verification code from Netflix isn’t as dangerous as one from your bank.
If you receive an alert from your bank, call it and check to see if anyone has accessed your account. It’s best to nip any potential financial issues in the bud as soon as possible. Otherwise, you risk having your bank account drained, your credit score ruined, or your identity stolen.
You may not need to take this extra step for most texts you get, but for banks, since they have highly sensitive information, you should take the time to contact them.
MALWARE LINKS IN TEXTS
A hacker may be just baiting you, and your account and password are still safe. Hackers will SMS you with verification codes or dubious links to get you to click them. The websites you are sent to then infect your device with malware.
Rarely will you get text messages at random that contain links. So you should always proceed with caution before clicking unexpected links. Contact the proper company to check the validity of the communication rather than clicking on the link. It’s an additional step, but it’s worth the extra work.
Receiving an unexpected recovery code might indicate that someone has created an account using your email. Dishonest people may use your contact information to register for new accounts.
You may receive recovery codes even though you have never registered (or can’t remember creating an account), indicating that this may be a phishing scam.
You should never give out your recovery codes to anyone, not even customer service for the company that issued them.
Report any attempts to get your codes as phishing scams to the company in question to let them know your email shouldn’t be associated with the new account, just to be safe.
Another possibility is something far less sinister. Children occasionally believe it’s OK to create accounts using random emails or numbers. One of these random email addresses or phone numbers could be yours.
Two-factor authentication is difficult for kids to grasp. The website sends you a confirmation code when they attempt to log in with their new account.
To stop receiving verification codes for accounts, you didn’t establish, visit the website, reset the password, and delete the account.
HOW TO PROTECT YOURSELF
The best way to protect yourself from smishing is by being aware of the scam and knowing how to identify a legitimate text message. If you’re not sure, it’s always better to be safe than sorry and contact the company directly.
Keep in mind that hackers will often send you dubious links or verification codes in an attempt to get you to click on them—so always proceed with caution!
Finally, if you do receive a recovery code for an account you didn’t create, be sure to report it as a phishing scam to the company in question.
By following these steps, you can help protect yourself from smishing scams and keep your information safe!
Share this helpful article on Suspicious Text Messages by using the Share Buttons below… I really appreciate you helping to spread the word about my Free Daily Tech Tips!