Smishing might sound like something the Smurfs do but alas it’s nothing so innocent. It’s a commonly used term for SMS phishing, that is, the dark art of stealing money or identities in response to a phone text message. Like any other devious method of fraud its aim is to manipulate people into taking various actions which leads to them being defrauded.
At its most basic you receive a fraudulent text claiming to be from a trusted organisation or individual. However, the text message is from fraudsters impersonating the organisation or individual. The texts vary but the following are the most common:
- From a bank saying there’s a problem with an account, lack of funds or there has been unusual activity
- A delivery company notifying you that you need to confirm that you want a parcel delivered
- A technology company such as Apple or Google, notifying that you need to validate an account
- The tax office saying that you are due a tax refund
The aim of the SMS message is to either get you to visit a website or make a phone call to a specified number.
How to identify smishing
The easiest way to identify a SMS phishing text is to pay attention to the message. It will invariably imply that you need to take urgent action.
These fraud texts play on basic human emotions and needs, such as trust, safety, fear of losing money, getting something for nothing and eagerness to find a bargain or similar.
If you are urged to visit a website and you do so with a smartphone it could then be infected with malware or you are asked to part with sensitive and confidential information. If you are prompted to make a phone call it could either be for the same reason or it could be a premium rate number set up by the fraudsters resulting in you paying exorbitant charges.
Don’t be a victim
The first self-protection step is to take your time and consider whether the text is genuine or fraudulent. If it contains a link be careful about clicking on it unless you are absolutely certain it is the real deal. If it offers some kind of reward, ask yourself whether it is too good to be true because it just might well be. If it is unexpected, for instance, from a delivery company and you’re not expecting a parcel treat it with caution.
In short, unless you do receive regular texts from your bank for instance, treat these sorts of texts with caution. However, if you do respond and you’re asked to provide personal and sensitive information simply don’t do it. A legitimate organisation will not request this information. Also consider downloading BullGuard Mobile Security software. A free version is available; it will keep you safe from malware.