Don’t be a victim of ‘smishing’

Published 6:50 am Saturday, July 8, 2023

KENTUCKY TODAY

It’s hard to keep track of all the different types of scams where people try to separate you from your money. One of the latest is called “Smishing,” a strange word with serious repercussions.

The term comes from text message/SMS phishing where bad actors target users to click on a link to gain access to their personal information. Whether the text is posing as a delivery service like UPS, claiming you won a gift, or offering the “perfect” job, these scams are getting out of hand. In fact, the Federal Trade Commission (FTC) recently reported that text scams accounted for $330 million in reported consumer losses in 2022.

Email newsletter signup

Bad actors are getting more sophisticated in their tactics to steal personal information and they are fully aware of how popular text messaging is. It’s no surprise that consumers are more apt to not only read but click links contained in a text message far more than email these days. As a result, mobile communication is ripe for fraud and identity theft.

Cybercrime Support Network, CSN, a leading cybercrime nonprofit organization, has five simple steps CSN recommends to avoid smishing attempts:

Get on the Do Not Call Registry. Even if you *think* you signed up for this, re-registering your mobile phone number may be necessary. Visit DoNotCall.gov to be sure. While the Do Not Call list is not foolproof, it should cut down on unwanted calls and text messages.

Spam reporting. Use the spam reporting feature in your messaging client if it has one, or forward spam text messages to 7726 (SPAM). You can also report to the FTC at ftc.gov/complaint or 1-888-382-1222. After reporting spam, be sure to block the number.

Do not click links. Don’t open links you receive via text message unless you’ve been expecting them or have verified the sender is legitimate.

Visit trusted vendor websites directly (separately from text messages). If you receive a text message that asks you to take an action such as checking an order status or changing a password type, don’t click the link. Instead, type the organization’s URL directly into your browser and proceed from there.

Do not for any reason respond to strange texts. Doing so only lets them know you’re a “real person,” setting you up for additional harassment down the road.