'Smishing' scams target your text messages. Here's how to avoid them
Marc Saltzman , USA TODAY
While the name of this growing threat might sound funny, being a victim of
it is no joke. Similar to a "phishing" scam where computer users receive an
authentic-looking email that appears to be from their bank, Internet Service
Provider (ISP), favorite store, or other organization "smishing" messages
are sent to you via SMS (text message) on your mobile phone. What does the
sender want? To defraud you. "Criminals like smishing because users tend to
trust text messages, as opposed to email, of which many people are more
suspicious, due to phishing attacks," says Stephen Cobb, a security
researcher at ESET, a global cybersecurity company. "As smartphones are the
primary means of accessing the Internet in some countries, this has tempted
criminals around the world to invest in scams that target these devices.
"That means there is no shortage of skills in this space, skills that
criminals can tap to target cellphone users in any country they chose," Cobb
adds. Related: Cybercriminals are trying to lure you into providing account
information such as a login name, password or credit card info by tapping on
a link that takes you to a web site. Here they can get enough info to steal
your identity. Or you might be asked to answer questions via text message or
advised to call a phone number. In some cases, you'll receive a text message
with a sense of urgency: Dear customer, Bank of America needs you to verify
your PIN number immediately to confirm you're the proper account holder.
Some accounts have been breached. We urgently ask you to protect yourself by
confirming your info here. Sometimes, scammers try to capitalize on
something timely, like tax filing season: "IRS Notice: Tax Return File
Overdue! Click here to enter your information to prevent being prosecuted.
Or, perhaps, it will come in the form of a more personal note: Beautiful
weekend coming up. Wanna go out? Sophie gave me your number. Check out my
profile here: [URL] Or, you might fall for a smishing scam if you think you
can win something: Your entry last month has WON. Congratulations! Go to
[URL] and enter your winning code 1122 to claim your $1,000 Best Buy gift
card! You can fight "smishing" in a few ways: * If you get a suspicious
looking text (or email) on your phone and it asks you to urgently confirm
information, it's not coming from a legitimate institution. Therefore, don't
reply and don't tap on the link in the message. Simply delete it. Your bank,
financial institution, ISP or favorite online retailer will never ask for
sensitive info this way. When in doubt, contact the company yourself. Even
though you might be tempted to hit Reply and tell them to leave you alone,
you're only confirming your phone number is valid, which might invite even
more scams. * Anti-malware ("malicious software") software exists for mobile
devices, many of which can detect and stop a smishing attempt. This serves
as an extra line of defense from these malicious types, but you must still
exercise common sense. ESET, the cybersecurity company Cobb is a researcher
for, has a free Google Play app called ESET Mobile Security & Antivirus.
Features include antivirus, remote lock and siren, GPS localization, and
tablet support, while upgrading to Premium ($14.99/year) adds SMS and call
filters, remote wiping, anti-phishing, photo snapshots (of someone trying to
log into your device), and more. Other providers of similar software include
Norton Anti-Virus and McAfee. On a related note, be sure to always update
your smartphone's operating system to the latest version. * Look for
suspicious charges on your monthly phone bill. Even if you never responded
to one of these texts, it doesn't hurt to look at your itemized charges to
see if there's anything that looks off. If it does, contact your phone
provider right away to dispute the charges. Don't worry, they've heard it
all before. Resist entering contests that ask you to provide your mobile
number, as you're setting yourself up for these kinds of scams. Similarly,
don't post your mobile phone number on social media or other public forums.
* When mobile shopping, stick with reputable retailers. When giving out
financial information, like your credit card, always be sure to look for
indicators that the site is secure, such as a little lock icon on the
browser's status bar or a URL for a website that begins "https:" (the "s"
stands for "secure"). On a related note, never tap on a link to a retailer
to shop online -- just in case it's a scam. Instead, manually type in the
store's URL (e.g. amazon.com) or use the store's official app.
Follow Marc on Twitter: @marc_saltzman. E-mail him at
askmarcsaltz...@gmail.com .
--
The following information is important for all members of the V iPhone list.
If you have any questions or concerns about the running of this list, or if you
feel that a member's post is inappropriate, please contact the owners or
moderators directly rather than posting on the list itself.
Your V iPhone list moderator is Mark Taylor. Mark can be reached at:
mk...@ucla.edu. Your list owner is Cara Quinn - you can reach Cara at
caraqu...@caraquinn.com
The archives for this list can be searched at:
http://www.mail-archive.com/viphone@googlegroups.com/
---
You received this message because you are subscribed to the Google Groups
"VIPhone" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to viphone+unsubscr...@googlegroups.com.
To post to this group, send email to viphone@googlegroups.com.
Visit this group at https://groups.google.com/group/viphone.
For more options, visit https://groups.google.com/d/optout.
