The Growth of Smishing Attempts and Why They Are Dangerous

Laura BednarFraud

Smishing Attempt

Mobile phones having the ability to connect to the internet seems like a convenience that most users can’t imagine being without. Unfortunately, with each new technological development comes another channel for hackers and online predators to attack. The concept of smishing has grown substantially, becoming another threat to obtaining a consumer’s personal information.

What Is Smishing?

Smishing is a type of phishing that is sent through Short Message Service (SMS), most commonly text messages. Phishing attempts involve some type of false link within an email or a general promise of millions of dollars or another benefit that sounds too good to be true. While the idea of phishing originated in email, mobile phones are now a major target.

A scammer’s goal is to obtain your personal information including bank account numbers, social security numbers, and other financial-related data. The texts they send will include a link that, when clicked, will have access to your phone and quickly download malware onto the device. They may appear to be from a reputable bank or another company asking for you to verify your account information by clicking on the link and filling out a form.

The scammers on the other end of a phone or computer will attempt to gain your trust by disguising themselves as a company or number you may recognize. They may also go to extreme measures to scare you into giving up your credit card numbers or other sensitive information. The text you receive may threaten that if you don’t respond, that you will be charged every day for using a specific service.

Past Smishing Attacks

These text-specific scams have happened throughout the world in different capacities, resulting in countries publishing guides and other materials to help people recognize fraudulent messages. Some of the smishing attacks around the globe included:

  • In the UK, impersonators sent SMS messages as if they were TSB Bank.
  • In Australia, scammers were targeting young men pretending to be a single woman who directed them to a dating site. Once in the site, the scammers harvested all of their information.
  • Three Romanian threat actors were involved in smishing and vishing attacks posed as American banks to obtain 43,000 financial account numbers from victims.

Protect Yourself from Smishing Attacks

No matter how legitimate a false SMS message may appear, it is important to remember that your bank or other financial institution will not necessarily ask for your information through a text. If the information appears to be from someone in your contact list, review it for grammar or spelling mistakes and think if your friend or family member would really ask you for a large sum of money through text. Verify any suspicious communication with the alleged sender by giving them a phone call.

Additionally, it is important not to reply, “NO” or “STOP” to end the messages if that instruction is included in the text. While they may not get your personal data, they will have verified that they reached a real and active number, opening yourself up to more attacks in the future.

If you do fall victim to a smishing attack, give Secure Forensics a call. Our experienced investigators can complete fraud investigations, end data breaches, and effectively remove malware on any device. To learn more about our service options, call 1-800-288-1407.