'Smishing' scams target your text messages. Here's how to avoid them Marc Saltzman , USA TODAY
While the name of this growing threat might sound funny, being a victim of it is no joke. Similar to a "phishing" scam where computer users receive an authentic-looking email that appears to be from their bank, Internet Service Provider (ISP), favorite store, or other organization "smishing" messages are sent to you via SMS (text message) on your mobile phone. What does the sender want? To defraud you. "Criminals like smishing because users tend to trust text messages, as opposed to email, of which many people are more suspicious, due to phishing attacks," says Stephen Cobb, a security researcher at ESET, a global cybersecurity company. "As smartphones are the primary means of accessing the Internet in some countries, this has tempted criminals around the world to invest in scams that target these devices. "That means there is no shortage of skills in this space, skills that criminals can tap to target cellphone users in any country they chose," Cobb adds. Related: Cybercriminals are trying to lure you into providing account information such as a login name, password or credit card info by tapping on a link that takes you to a web site. Here they can get enough info to steal your identity. Or you might be asked to answer questions via text message or advised to call a phone number. In some cases, you'll receive a text message with a sense of urgency: Dear customer, Bank of America needs you to verify your PIN number immediately to confirm you're the proper account holder. Some accounts have been breached. We urgently ask you to protect yourself by confirming your info here. Sometimes, scammers try to capitalize on something timely, like tax filing season: "IRS Notice: Tax Return File Overdue! Click here to enter your information to prevent being prosecuted. Or, perhaps, it will come in the form of a more personal note: Beautiful weekend coming up. Wanna go out? Sophie gave me your number. Check out my profile here: [URL] Or, you might fall for a smishing scam if you think you can win something: Your entry last month has WON. Congratulations! Go to [URL] and enter your winning code 1122 to claim your $1,000 Best Buy gift card! You can fight "smishing" in a few ways: * If you get a suspicious looking text (or email) on your phone and it asks you to urgently confirm information, it's not coming from a legitimate institution. Therefore, don't reply and don't tap on the link in the message. Simply delete it. Your bank, financial institution, ISP or favorite online retailer will never ask for sensitive info this way. When in doubt, contact the company yourself. Even though you might be tempted to hit Reply and tell them to leave you alone, you're only confirming your phone number is valid, which might invite even more scams. * Anti-malware ("malicious software") software exists for mobile devices, many of which can detect and stop a smishing attempt. This serves as an extra line of defense from these malicious types, but you must still exercise common sense. ESET, the cybersecurity company Cobb is a researcher for, has a free Google Play app called ESET Mobile Security & Antivirus. Features include antivirus, remote lock and siren, GPS localization, and tablet support, while upgrading to Premium ($14.99/year) adds SMS and call filters, remote wiping, anti-phishing, photo snapshots (of someone trying to log into your device), and more. Other providers of similar software include Norton Anti-Virus and McAfee. On a related note, be sure to always update your smartphone's operating system to the latest version. * Look for suspicious charges on your monthly phone bill. Even if you never responded to one of these texts, it doesn't hurt to look at your itemized charges to see if there's anything that looks off. If it does, contact your phone provider right away to dispute the charges. Don't worry, they've heard it all before. Resist entering contests that ask you to provide your mobile number, as you're setting yourself up for these kinds of scams. Similarly, don't post your mobile phone number on social media or other public forums. * When mobile shopping, stick with reputable retailers. When giving out financial information, like your credit card, always be sure to look for indicators that the site is secure, such as a little lock icon on the browser's status bar or a URL for a website that begins "https:" (the "s" stands for "secure"). On a related note, never tap on a link to a retailer to shop online -- just in case it's a scam. Instead, manually type in the store's URL (e.g. amazon.com) or use the store's official app. Follow Marc on Twitter: @marc_saltzman. E-mail him at askmarcsaltz...@gmail.com . -- The following information is important for all members of the Mac Visionaries list. If you have any questions or concerns about the running of this list, or if you feel that a member's post is inappropriate, please contact the owners or moderators directly rather than posting on the list itself. Your Mac Visionaries list moderator is Mark Taylor. You can reach mark at: macvisionaries+modera...@googlegroups.com and your owner is Cara Quinn - you can reach Cara at caraqu...@caraquinn.com The archives for this list can be searched at: http://www.mail-archive.com/macvisionaries@googlegroups.com/ --- You received this message because you are subscribed to the Google Groups "MacVisionaries" group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com. Visit this group at https://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout.