‘Smishing’ Text Message Scams on the Rise
If you use email, you are familiar with “phishing” spam – fraudulent emails that appear to come from a legitimate business or even someone in your contact list, urging you to click on a link. Doing so opens you to the possibility of malware, viruses, and even identity theft.
If you use a cell phone, be aware that there is an increase in “smishing” – fraudulent texts (SMS) claiming to be from your bank or a known business. They might offer a gift card, or they might “alert” you to a problem with your account. The texts will often contain a link for you to click or a phone number to call.
How ‘Smishing’ Works
A smishing attack uses a text message to trick someone into divulging valuable information, such as an account or card number, card expiration date, password/pin, and Social Security number. Fraudsters can use the information to generate counterfeit ATM cards, among other things. It can take as little as one hour from the time the information is obtained for an attacker to conduct a fraudulent cash withdrawal, according to the Department of Business Oversight.
How to Identify ‘Smishing’
Similar to “phishing” emails, scammers often play on fears, conveying an urgency to respond. You might receive a text telling you your bank account has been suspended, for example, and you need to click a link to update your personal information.
A smishing text might also sound too good to be true – for instance, telling you you’ve won a gift card from a large chain business, and you need to click a link to claim it now.
Most banks don’t send unsolicited text messages. At Members 1st, members can sign up for banking text notifications—for instance, receiving an alert if your checking account drops below $500. Members 1st will only send unsolicited text messages to notify customers of fraud. These texts will NOT ask for any personal information.
How You Can Protect Yourself
The Federal Trade Commission offers these tips:
- Delete text messages that ask you to confirm or provide personal information. Legitimate companies don’t ask for information like your account numbers or passwords by email or text.
- Don’t reply, and don’t click on links provided in the message. Links can install malware and take you to spoof sites that look real but whose purpose is to steal your information.
- Treat your personal information like cash. Your Social Security number, credit card numbers, and bank and utility account numbers can be used to steal your money or open new accounts in your name. Don’t give them out in response to a text.
- Place your cell phone number on the National Do Not Call Registry.
- If you are an AT&T, T-Mobile, Verizon, Sprint or Bell subscriber, you can report spam texts to your carrier by copying the original message and forwarding it to the number 7726 (SPAM), free of charge.
Review your cell phone bill for unauthorized charges, and report them to your carrier.
Questions or Concerns?
If you have any concerns that your credit union account information might have been compromised, please call Members 1st Credit Union at (530) 222-6060.
