Cybercriminals have created various methods to trick people into downloading viruses or malware onto their laptops, tablets, and smartphones.
The latest form is smishing, another tool used by cybercriminals to obtain personally identifiable information and steal identities by infecting your smartphone through texts or an SMS message. The software’s malicious intent comes in the form of viruses, ransomware, spyware or adware.
The term “smishing” is a mashup of SMS (short message service) and phishing, which is when fraudsters utilize malware by sending emails which mimic a trustworthy source such as credit card company, financial institution or retailer. Unsuspecting consumers mistakenly open the email and click on the links, allowing the malware to be activated.
When people click on the links, the fraudsters can trick them into sharing their password, credit card numbers or other personally identifiable information such as Social Security numbers.
Now growing in popularity, fraudsters often deploy smishing because too many people are unaware of this new type of fraud and trust text messages more than the emails they receive.
The fraudsters are following a similar strategy when it comes to phishing and rely on social engineering to get more people to give out their personal information. The smisher wants to obtain passwords, credit card information or your Social Security number to sell them on the darknet, a.k.a. the dark web.
If fraudsters are able to obtain your personal information, they can steal your identity and apply for credit cards and loans while pretending to be you, which can greatly affect your credit score.
Some smishers have deployed a tactic of telling people that if they fail to click on the link and provide their personal information, the company they’re pretending to be will start charging daily for the service. These fraudsters will attempt to fool you into thinking they are a legitimate source you would normally use or trust.
Ignore all messages that seem bizarre or are from companies where you did not sign up for text alerts.
How to Prevent Smishing
These two words will help you avoid smishing attacks: Delete and block.
Just like emails, don’t reply to texts to people who are not in your address book. There are too many incidences of fraud and the headaches of identity theft are not worth it.
When a text message or SMS comes from a number such as “8000” and does not resemble a standard phone number, skip them. Those are simply emails that are sent to a smartphone.
As more and more people share links from articles, videos or social media, it is easy to just click on a link. Skip the ones from people you do not know. If the link looks suspicious or out of character to be coming from that particular friend, ask them if they sent it.
Protecting Yourself From Identity Theft
If you communicate through your mobile device frequently or use it to watch videos or movies, consider adding a VPN to your phone. A VPN is virtual private network and prevents fraudsters from seeing your activity on the Internet.
VPNs can be used on a person’s mobile device, laptop or computer and is useful when you are accessing the Internet from a public network at an airport, retailer or hotel.
The risk of using public WiFi is high because criminals routinely intercept people’s sensitive and personal data as they are paying bills or shopping. The public networks are being watched by hackers so they can steal passwords and identities and install malware.
Adding a VPN will shield both your activity and personally identifiable information. While some VPNs are free, others can be purchased, but people should conduct due diligence before downloading one.
Since smishing is occurring more frequently, it is good practice to check your credit report on a regular basis to see if a fraudster tried to open a new credit card or another account in your name. Consumers can obtain one free credit report from Experian, Equifax and Transunion every 12 months at AnnualCreditReport.com. You can also get a free copy of your Experian credit report and dispute anything inaccurate on it here on Experian.com.