Avoid the Temptation of Smishing Scams (2024)

FAQs

Avoid the Temptation of Smishing Scams? ›

Things you can do to avoid being a victim of a smishing attempt include: Never click links, reply to text messages or call numbers you don't recognize.

Things you can do to avoid being a victim of a smishing attempt include: Never click links, reply to text messages or call numbers you don't recognize.

Smishing is a social engineering attack that uses fake mobile text messages to trick people into downloading malware, sharing sensitive information or sending money to cybercriminals. The term “smishing” is a combination of “SMS”—or “short message service,” the technology behind text messages—and “phishing.”

The goal of a smishing attack is to get you to click on a link to a phishing site, download malware onto your device, call the impersonators (so they can continue their scam on the phone), or give up sensitive data — such as passwords, banking information, or your Social Security number (SSN).

Protecting yourself against SMS phishing

Don't share your login, personal or financial details over SMS. Your bank, utility provider or any other genuine company will never ask for sensitive information via text message. Watch where you input two-factor authentication codes.

In some cases, yes. Replying to a smishing message can allow malware into your phone or land you some unwanted charges.

Don't “click” open links in unsolicited text messages. Clicking the link may infect your mobile device with a virus or malware designed to steal the personal or financial information stored on the device. Don't call a telephone number listed in an unsolicited text message.

If you receive an SMS message that you suspect is a smishing scam, you should report it to the Federal Trade Commission (FTC). The organization wants the number and name presented in the message along with time of day and any information requested by the cybercriminal.

As a result, smishing can attack any mobile device with text messaging capabilities. While Android devices are the market majority platform and an ideal target for malware text messages, iOS devices are equal opportunity targets.

How to identify a fake text message? ›

Spyware or Malicious Apps: Malicious software or spyware installed on your phone can grant unauthorized access to your text messages.

The easiest way to become a victim of a bank scam is to share your banking info — e.g., account numbers, PIN codes, social security number — with someone you don't know well and trust. If someone asks for sensitive banking details, proceed with caution.

Tips for avoiding unwanted texts

Several mobile service providers allow you to block the sender by forwarding unwanted texts to 7726 (or "SPAM"). Check with your provider about options. Be careful about giving out your mobile phone number or any other personal information.

Never provide your personal information in response to an unsolicited request, whether it is over the phone or over the Internet. Emails and Internet pages created by phishers may look exactly like the real thing. They may even have a fake padlock icon that ordinarily is used to denote a secure site.

Firewalls are an effective way to prevent external attacks, acting as a shield between your computer and an attacker. Both desktop firewalls and network firewalls, when used together, can bolster your security and reduce the chances of a hacker infiltrating your environment.

Multi-Factor Authentication (MFA)

By implementing MFA, you can stop an attacker from accessing a user's account, even if they've managed to get their hands on that user's password via a phishing attack.