Protect yourself from smishing
“Smishing” sounds cute, right? Like what you do when someone lets you hold their new baby or when your grandma envelops you in a big hug. But it's actually the name cybersecurity experts have given text-based frauds. (“SMS” and “phishing” equals “smishing.” Get it?)
“Smishing” sounds cute, right? Like what you do when someone lets you hold their new baby or when your grandma envelops you in a big hug. But it's actually the name cybersecurity experts have given text-based frauds. (“SMS” and “phishing” equals “smishing.” Get it?)
There are all kinds of text scams going around—free vacations, text “XXXXX” to donate to disaster relief—but the most common are focused on stealing your personally identifiable information, including account logins and passwords, Social Security numbers, security codes, birthdates, and more. Often, the senders impersonate reputable brands, like Microsoft, Amazon, or the financial institution where you bank, to gain your trust.
Smishing is effective because the messages are short (so there’s less opportunity to say something that sounds fake) and because it’s hard to preview a link without clicking on it. Further, many mobile numbers are available in public databases, making it easy for scammers to hit up a bunch of potential victims without a lot of effort.
3 smishing warning signs
Pay extra attention to texts that include:
Links to websites. While there are times when legitimate senders will include a link in their message (for instance, Hy-Vee wants give you access to the receipt for your online order), most senders will tell you to call (and you should verify that number belongs to the sender before you do!) or ask you to reply to the message.
Blocked, unknown, or incorrect Caller IDs. If you can’t see who’s sending the message, there’s a good chance it’s an attempted smishing attack.
Appeals to respond quickly. Scammers don’t want you to think before you act. So they rely on messages designed to make you feel as though you’re at risk.
How to respond if you're being smished
Don’t reply “STOP” if it’s offered as an option. When you do, you confirm to the scammer that they’ve reached a valid number with an attentive person on the other end. This particular conversation may stop, but you’ll likely be hearing from them again.
Don’t give out any personal information. No reputable organization will request your date of birth, Social Security Number, address, or payment information via text.
Report scam texts to your mobile phone company and the FTC. You can forward scam texts to your mobile provider by forwarding the text message to 7726 (that’s SPAM). And you can share your scams with the Federal Trade Commission at reportfraud.ftc.gov or call 1-877-382-4357.
How to minimize your risk of being smished
Actively block or filter spam messages from your phone. On Android’s Messages app, click the menu in the upper right corner and choose DETAILS, then choose the BLOCK & REPORT SPAM option.
On iPhone's Messages app, if you’ve opened the message, scroll to the bottom, select REPORT JUNK, then click DELETE AND REPORT JUNK.
Make sure your phone software is up-to-date. Don’t put off those software updates!
Back up your phone data. If you have an Android phone, it’s easy to move your photos and data to Google Drive. Apple iPhone users can use iCloud or back up to your PC or Mac via iTunes.