Smishing Text Messages Can Compromise You
January 14, 2019
There are so many ways to receive communication from anyone these days. Lately, cybercriminals have moved toward using text messaging or short messaging (SMS) more often. Police in some areas are receiving reports of banking scams that are perpetrated via text messaging. It’s a pretty simple scam and once the victim falls for it, bank accounts are accessed and transactions are made that are not in the victim’s plans.
People report receiving text messages from what they believed to be their financial institution. The communication was that their account was locked and they needed to provide login details for their online accounts in order to unlock them. There was a link provided that went to a website and the credentials were to be entered there.
Well, of course the accounts weren’t locked, but that sense of fear caused a bit of panic and some gave them up. Once the criminals got the information, they added a new payee to the account and made transactions.
Financial institutions rarely, if ever, send links for you to unlock your accounts in a text message. If you are uncertain or just want to check, go directly to your account using a previously bookmarked link or one you know to be safe. Always check for the “https” in front of the rest of the address. If that “s” isn’t there, don’t enter anything into the site. Instead, call your financial institution using a number you also know to be legitimate.
Remember not to use details received in email or text to contact businesses. Often, the criminals will set up actual support locations to receive these calls and emails and reply to you or answer your questions as if they are a legitimate shop.
Never give your credentials to anyone either. Instead, if you suspect someone has your password, immediately change it by going directly into your account. This includes giving it to someone in the IT department. Also, hover over any links with the mouse pointer and see where they go before clicking them. If it isn’t going to your financial institution’s domain, definitely don’t click it. On mobile devices, hold down on the link for a few seconds (usually 3 or more) to see the entire link. To be sure you know how long that is on your mobile device, test it on a safe link first. No need to take unnecessary chances.