Smishing: What It Is and How to Avoid It
It’s not accurate to say that phishing scams have had their day, and now there’s a new player around. We still need to be vigilant for phishing scams, but today the practice of smishing is on the rise and often harder to identify and avoid. These scams are a little more sophisticated than phishing emails and in some cases they can be extremely hard to identify.
In this article we dive into what smishing scams are, how they are effective, and what to look out for. In the end, the scammer behind these practices are always looking for the same thing; they want your bank and credit card numbers and will create some elaborate means to attain them. Needless to say you should never input this data into untrusted websites, but it’s equally important to spot the telling signs of a smishing message.
What is Smishing?
You’ve probably heard of Phishing before, which is a form of scam where a fraudulent email claims to be from a trusted source such as a bank or tax authority. A phishing scam might have a range of purposes like obtaining your sensitive data to access online accounts or install malware.
Smishing however has become a more recent development. Because there are other means of communicating besides emails, scammers are diversifying their efforts. Whatever the reason, smishing is the latest IT scam to look out for in the digital world. But what exactly is a smishing scam?
Instead of an email, victims of smishing scams will receive an SMS text message from a trusted source. The message might look legitimate and seem to come from your bank, credit card, or tax authority. It will normally ask you for immediate action. Similar to phishing scams, a smishing one can also install malware or direct you to a fraudulent website.
How Do You Recognize It?
A smishing scam is very similar to a phishing scam, but you need to know what to look out for so you don’t inadvertently give away your bank or credit card information to fraudsters. Most smishing scams can be identified easily, but there are some exceptions to be wary of.
It can appear as an SMS message mimicking your bank, a tax authority, energy company, or other respectable company. The message might ask you to download the new app from the website. If you click on the link you might be taken to a false webpage with a download link. Unlike official sites this link will not have the official Apple or Android logos.
If you click on the link and download the app, you may be in trouble. The app could install malware on your device to collect your data, or simply ask you for it directly. The process is made more complicated since smishing messages are hard to recognize. Typically they will ask for immediate action.
How Do You Avoid It?
There are several ways to avoid falling for a smishing scam. The first one is to be ultra aware of smishing scams when you receive official-looking SMS texts. Ask yourself if you expected any correspondence with this company, and if it’s necessary for you to take any action, it probably isn’t, and certainly won’t be if it’s a scam.
Another way to decide, is if you clearly don’t know the source of the message; you don’t have anything to do with the charity, or have any interest in the offer. In this case it’s easy to simply ignore the messages and let it die off. Smishing messages also often ask you for immediate action such as “Click Here Now,” and “Urgent,” or “Reply Now.”
If you’re concerned about falling victim to a scam via email or your digital device, there are steps you can take. First, ensure that your online passwords are varied, and strong. It can be difficult to remember many individual passwords, so write them down in a booklet, or use keychain access. If the message is clearly from a number you don’t know, or a company you know you don’t have business with, don’t click on any links within. Simple, but effective.
Smishing scams can be quite sophisticated and hard to identify, however, the request for urgent action is often a dead giveaway, and you can hire managed IT security for your business to help provide training, and software available for filtering the spam from your emails.