Beware of Smishing

Dear Black Bag Confidential Reader,

According to the FBI, Americans lost $1.3 billion to cybercrime in 2016, and that amount is expected to increase in 2017.

This should not come as a surprise. Our lives are becoming more and more integrated with smart technology, and criminals are capitalizing on this, coming up with novel ways to steal your personal information.

Of course, cyberattacks are nothing new. Most people are already familiar with phishing scams, where a hacker sends an email in the hopes you click on an infected link or reply with your personal information.

Remember when Hillary Clinton’s campaign chairman, John Podesta, was the victim of a phishing expedition? As a result, his Gmail account was hacked and a slew of emails related to Clinton’s campaign were leaked.

Thanks in large part to stories like this, people are becoming increasingly aware of these types of email scams and exercising caution before opening or downloading a suspicious email.

A New Scam Emerges

However, criminals are always inventing new ploys to trick people into giving up their personal information — and what better way to accomplish this than preying on cellphones? After all, most people are connected to their phones at the hip. This has led to a new type of scam called “smishing” — a combination of ‘SMS’ and ‘phishing’.

How does a smishing scam work?

Well, let’s say you are sitting at home one evening and you receive a text that says, “$5,000 was just withdrawn from your bank account. If you didn’t authorize this transaction, click here or call…” This would certainly get your attention and most likely prompt an immediate response.

But if you click on the link or call the phone number, the criminal at the other end will try to get more information from you. They may ask you to verify or update your account information or reveal other personal details. For some reason, people are more liable to trust a text message than an email, and criminals use this sense of security to their advantage.

The next time you receive a questionable or unusual text message, DO NOT RESPOND. Instead, take the following steps:

1. Read it carefully. People misread texts on a regular basis. Scammers know this and may use a link that looks authentic, but if you look closely you can easily spot a fake. For example, if the link is www.ChaseBank123.com, the “123” signals the link is likely not valid. But if you’re not paying close attention, you may end up clicking on a hacker’s link.

2. Ignore it. Some scammers will send text messages that say, “Reply with ‘STOP’ if you no longer want to receive these messages.” The problem is a response lets the hacker know that they have contacted a valid phone number and that someone will respond. Ignoring the message is best, because ANY response may lead to more texts and more attempts to gather personal details.

3. Call your bank. If you receive a text about withdrawals, or other questions related to your bank account, immediately call your bank at the number listed on your statement or the back of your bank card. NEVER call the number provided in the text message. Your bank will confirm whether the text is legitimate and if any money was actually taken out of your account.

4. Check your phone bill. Just as you should review your credit card statement each month, you also need to review your phone bill. Check to make sure there aren’t any unauthorized charges. By checking your statement regularly, you can avoid being unwittingly enrolled in some type of subscription service by hackers.

The bottom line is hackers are constantly looking for new ways to steal your personal information, and — as technology advances — these criminals are devising new methods of committing cyberattacks.

One last thing: Credible companies (especially banks) won’t ask for your personal information (or any sensitive information) in a text message. If you do receive a strange solicitation via text, take the precautions outlined above to verify it’s a legitimate request before doing anything else.

Stay safe,

Jason Hanson

Jason Hanson

Leave A Reply

Your email address will not be published.