What you need to know about “smishing” 

Email scams, commonly known as “phishing,” are a trend you’ve likely long been aware of. But in more recent years, this type of scam has increasingly been done via SMS text, a type of fraud known as “smishing.”

There’s a good chance you’ve received text messages from an unknown number in which the sender attempts to impersonate a recognizable business (such as Amazon or Apple) or a government agency (such as the IRS). The sender is often seeking to elicit a response from you in order to obtain sensitive information, usually by telling you there’s a charge in your name or an offer for you to claim. 

Additionally, common smishing red flags include the sender pretending to be someone you trust, creating a sense of urgency, intimidation, or fear, and asking you to pay in specific ways.

Creating awareness

While these smishing attempts are sometimes easy to spot, the statistics offer important warning signs. In fact, according to the Global State of Mobile Phishing report, during 2022 more than a quarter of mobile phone users clicked on six or more smishing links, potentially handing over sensitive information to fraudulent actors. And while it’s fair to assume that older people are more likely to fall victim to text message scams, young people also lack awareness of this issue. Just 22% of 18-22 year olds surveyed for the 2020 State of the Phish annual report were familiar with phishing. Scammers have resorted to smishing in recent years given how often people are on their phones and this reality prompts the need for hypervigilance in the digital era. With that in mind, it’s important to talk about this issue with your friends and family of all ages.

How to avoid falling victim to smishing

When it comes to banking, it’s likely that you won’t be contacted by your bank via text. The same can be said about government agencies. So, any text message you receive regarding your bank account or other information like your social security number should be met with suspicion. If you’re ever unsure about a message you didn’t initiate, you can always call the bank or government agency claiming to should be ignored and deleted.

Further, the Federal Communications Commission outlines general best practices for you to keep in mind. These include:

• Never click on links or reply to messages from an unknown sender, including not texting “STOP” even when that is requested to end messages
• Delete and report all suspicious messages to the FCC’s Consumer Inquiries and Complaints Center
• Keep your smartphone’s software updated to the latest version
• Install anti-malware software on your smartphone
• Use multi-factor authentication to protect all sensitive personal information, including bank accounts, health records, and social media logins