Smishing: A Silly Word But Serious Fraud Risk

Have you ever received a text message from a well-known business or family member, but something didn’t seem right? Criminals are always looking for new ways to gain access to people’s personal and sensitive information and using fake text messages is a common way for them to do this.

What is Smishing?

Smishing may sound like a silly word, but it’s actually a serious fraud risk. The concept is like phishing, except you’re not receiving an email with a fake link, you’re receiving a text message with that link instead. The idea is to get the recipient to click the link and share their usernames and passwords, social security numbers, credit card numbers, PINs, or other sensitive information. The criminals then use this information to steal money, commit identity theft, and carry out other illegal acts.

How Do I Recognize a Fake Text?

Understanding how to identify a fake text message from a legitimate one requires continuous learning. This is because hackers are constantly refining their techniques, making them more and more believable.

Here are the common red flags or warning signs that a text is fake and more than likely a smishing attempt.

1. There are spelling or other punctuation errors in the message or URL.
2. The sender is telling you something is wrong with your account or payment method, and you need to verify personal information.
3. You are addressed with a generic “Hi There” or “Hello” instead of by your name.
4. The text states your won a prize for a contest you didn't enter or offers you a gift card for responding with your information.
5. The message is unexpected and contains a link or downloadable file that you didn't request.

Examples of Smishing

• You’ve Won a Prize: Congratulations! You won a $500 Target gift card! Go to http://targot.org/zxy6542.
• IRS is Trying to Contact You: There is a problem with your IRS tax refund. Click http://refond.org/stgp562 to resolve the issue immediately or else you will be penalized.
• Verify Account Information: Your credit card account is temporarily locked. Please log into http://youfinancelinstutiaon.com/3b3456.
• You Have a Package Delivery: Hello, your FedEx package with tracking code AZX-1234-PLZU is waiting for you to set your delivery preference: TrAkng.info/Wl09fgh35h6.
• Thank for Your Payment: Thank you for your recent Amazon purchase. You have been charged $123.45. If there is a mistake, please call (876) 123-4567.

How to Avoid Smishing Scams

If you find yourself on the receiving end of what appears to be a smishing attempt, follow these easy do’s and don’ts so you don’t get scammed.

• Do NOT open, reply, click links, or open attachments from an unknown sender.
• Do NOT provide personal or financial information in response to unsolicited text.
• DO delete messages from unsolicited people you don’t know.
• DO look up a company online or call them directly to verify the message you received.
• DO report smishing to the Federal Trade Commission.
• DO consider using protective tools that block unwanted numbers or unknown senders on your mobile device.

Other Ways to Protect Your Information

If you find yourself on the receiving end of a smishing attempt, remember – do not take immediate action, confirm sources, and ask someone you trust for help if you’re unsure.

Peach State nor any of our third-party vendors (i.e.: Visa) will ever call, text, or email you asking to disclose account or other personal information. If you believe you were contacted from someone pretending to be from Peach State or another legitimate agency, please contact us immediately at 678.889.4328., stop by your local branch, or email us at psfcu@peachstatefcu.org.

To learn more about scams and ways you can protect yourself, checkout this quick read at peachstatefcu.org/blog/understanding-scams-so-you-can-protect-yourself-from-fraud.