Most of us probably send or receive an SMS at least once a day. Our phones are usually in our pockets or bags, almost always nearby. We hear the chime telling us we have text, and we respond reflexively.
Unfortunately, scammers take advantage of this and use a technique called SMiShing.
What is SMiShing? I’m glad you asked. In this edition of Mid-Valley Scam Alert, we are going to dive into what this scam technique is and how you can avoid falling victim to it. So if you have a phone that sends and receives text messages, it’s time to learn a thing or two about phone scams.
The word “smishing” is a combination of SMS and phishing. SMS stands for short message service (a common form of SMS) and phishing is when scammers try to lure victims using fraudulent messages. This is a term that has been associated with email scams for years.
People also read…
So when you put the two together, SMiShing refers to shady characters who send you text messages that look legit. They can claim to be from your bank, a store you like, or a credit card company. However, these text messages are a blatant lie and the scammer hopes you will click on the fake link he sent you.
In a February edition of Oregon FBI Tech Tuesday segment, the agency showcased a few different versions of SMiShing.
In one case, you receive an SMS from what you think is a trusted company. You click on the attached link and you are sent to a website that looks quite real. You enter private information such as passwords and credit card numbers. Now the scammer has it all.
Or maybe all you have to do is click on the link to win a lottery prize the demon gave you. Well, congratulations, you have won a full malware download on your phone!
A variant of this type of scam that may be a little easier to spot is when an accomplice sends you a message with an urgent request. Maybe they tell you that your bank account is locked and you need to give them your account or PIN. Don’t worry, they’ll fix it right away – you won’t have to worry about your finances anymore because the scammer will just empty your bank account.
But the good news is that we can avoid falling prey to sneaky deceptions. The Oregon FBI provides the following tips to protect yourself from SMiShing scams:
- Be careful when dealing with any message asking for personal information.
- Remember that reputable companies usually don’t contact you to ask for your username or password.
- Never click on links in an unsolicited message. If in doubt, find the phone number or web address of the business in question and ask the business directly about the message.
- Configure multi-factor authentication on any account that allows it. This will ensure greater protection and privacy when logging into an account.
- Always be careful about the information you share online or on social media. If you post your pet’s name, schools you graduated from, family members, or birthdays, a scammer can guess the correct answers to your security questions.
As always, if you are the victim of online fraud, report the incident to the FBI’s Internet Complaint Center at www.ic3.gov or call your local FBI office at 503-224-4181.
Maddie Pfeifer covers public safety for Mid-Valley Media. She can be reached at 541-812-6091 or [email protected] Follow her on Twitter via @maddiepfeifer_