What Is SMS Phishing (Smishing) and How to Protect Yourself
16 Sep 2024
16 Sep 2024
More than 30% of fraud reports identify call and text as the initial contact method. Though there are other methods of contact, like email, fraud reports with phone and text as the initial contact method reported higher median loss of money per person. On average, people who were victims of a phone or text scam loss $1,000 to $1,480.
We're going to take a more in-depth look at phishing scams that start via SMS or text message, also known as smishing scams.
Before we get into smishing, we need to understand phishing. You have most likely been targeted several times by phishing scams via email, phone calls, or text messages.
Phishing scams aim to gain access to your sensitive personal information by impersonating banks, trusted companies, and other organizations. These types of scams are sent en masse to millions of people. The scammers throw a wide net, hoping to trap as many victims as possible. The messages and calls will often create a sense of emergency, such as your bank account being used to make a suspicious purchase or an important package that can't be delivered without additional information.
When these phishing attempts are sent via SMS text messages, they are referred to as smishing (SMS-phishing).
Here is an example of a smishing attempt:
Smishing scams will always be text messages that request information or a payment, and they will include a link to click on and enter your information.
The texts will imply that action is needed in order to prevent account closures or additional fines and fees. This strategy aims to make potential victims panic rather than stop to think about the legitimacy of the text.
As mentioned, smishing attempts are always sent via text. The text message will almost always claim to be from trusted institutions. You may have received texts claiming that they are from Bank of America or Amazon. In the example smishing scam pictured above, the scammer claims to be from Massachusetts Toll Services. In all smishing scams, it is common for the text to claim that it is from a well-known and trustworthy institution.
This tactic helps build trust in their victims. The smishing attempt will include a link to follow, a phone number to call back, or other instructions on what to do.
In addition to building trust through impersonation, we as consumers are also much less likely to question text messages and much more likely to open a text message than an email, making it easier for scammers to get their deceitful messages across. Text messages are so effective that they have a 98% open rate, compared to email open rates, typically around only 20%.
On top of all of this, the scammers will create a sense of emergency. Some samples of smishing texts are as follows:
As you can see, the examples create a sense of urgency; you must act quickly to fix what has gone wrong. This prevents you from thinking carefully about the legitimacy of the text.
There are many types of smishing scams. These are some of the most common types:
Detecting smishing scams can be difficult, but by staying calm and doing some research, you can make an informed decision about whether or not a text is legitimate.
Here are a few steps to follow the next time you get a suspicious or unsolicited text message:
There are several easy ways to prevent smishing attacks. Here are a few best practices and some extra steps you can take:
Best practices:
Extra steps:
If you’ve been the victim of a smishing scam, it’s important to act quickly. The first step is to stop replying to the scammer.
The next step is to change any passwords on compromised accounts. It's important to use strong and unique passwords for each account.
After securing your accounts, you should report the scam to the Federal Trade Commission (FTC) at ReportFraud.ftc.gov and the Internet Crime Complaint Center (IC3) at IC3.gov.
You should also report the scam to the organization or company that the scammer impersonated. This will allow them to warn other potential victims about the fraud.
You can also report the phone number in a community phone book, like ours, to let others know about the scam.
Lastly, you should keep an eye on your accounts for any unusual activity and stay vigilant. Scammers are constantly developing new strategies to trick victims into giving up information.
Don't feel alone; many people have been scammed, and it's important to talk about it and tell others. You never think it will happen to you until it does. This is why staying educated and aware of potential scams is essential. By sharing your experience, you might save someone else from being scammed.
There you have it. Smishing is a very common and lucrative scam; these texts will not stop, and scammers will continue to come up with new tactics.
Even though smishing scams are sophisticated and prevalent, they are also avoidable.
Remember to never click a link sent via text from someone not in your contacts, and never share sensitive information with someone not in your contacts.
Most importantly, share this information with others because the best way to prevent scams is to talk about it within your community. Ask others for their thoughts before you respond to a suspicious text, do research online to see what others are saying, and when in doubt, contact the company directly before responding to an unsolicited text.
By staying calm and educating yourself about scams, you can avoid falling victim to smishing attempts.
CallerSmart Pro is built on a simple premise: High-quality leads result in more sales and less frus...
You asked for our phone book to expand, and we listened to you! Our award-winning and highly-rated iPhone reverse phone lookup app is now available in ...
People rely on social media to keep in touch with family and friends, meet people of like minds, start new romantic relationships, and shop. Social media is a huge p...