What it is:
“SMiShing” is short for “SMS Phishing,” a variation of phishing that uses cell phone text messages rather than email to lure victims into revealing personal information.
How it works:
The most common form of SMiShing is a text message that claims to be from a financial institution.
The message will state that the recipient’s account or card has been deactivated or suspended, and contain instructions to either visit a website or call a phone number (more common) to “verify” information. Earlier versions tended to use website addresses, but more recent versions have used automated voice response systems over the telephone.
Once the victim visits this site or calls the number, they will be prompted to enter such information as account or card numbers, social security numbers, date of birth, driver’s license number and other information.
An earlier form of SMiShing tells the recipient that they have either made a large purchase or signed up for an online dating or similar service. The message will instruct the victim to visit a website that will once again ask for personal information in order to “cancel” the service or purchase, and may also infect the victim’s computer with malicious programs such as viruses and spyware.
How to protect yourself:
Similar to phishing, the first thing to remember when you receive a text message is that a legitimate financial institution is never going to use SMS messaging to contact you about verifying your account information.
If you think there might be a real problem with an account or card, call the financial institution directly and ask them about the message. Never use the phone number or website listed in the text message itself.
Even if you’re sure it’s a fake text message, you may consider letting your financial institution know their name is being used in this type of fraud.
If the message says you are signed up for a service or made a purchase, you can simply delete it. This type of SMiShing attack is becoming less common. If you’re truly concerned, keep an eye on your credit card and cellular phone bills for new, unfamiliar charges (which you should be doing anyway). In any case, never call the phone number or visit the website listed in the text message itself.
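For anyone filtering or triaging reported texts, the two lure types described above can be turned into a simple screening rule. This is an added example, not part of the original article; the word lists, labels and sample messages are assumptions constructed for illustration.

```python
import re

# Traits of the two lures described above. Word lists are illustrative
# assumptions, not a complete ruleset.
URL_RE = re.compile(r"(?:https?://|www\.)\S+", re.I)
PHONE_RE = re.compile(
    r"(?<!\d)(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}(?!\d)")
ACCOUNT_RE = re.compile(r"\b(?:account|card)\b", re.I)
STATUS_RE = re.compile(r"\b(?:deactivated|suspended)\b", re.I)
VERIFY_RE = re.compile(r"\bverif(?:y|ication)\b", re.I)
SIGNUP_RE = re.compile(r"\b(?:purchase|signed up|dating)\b", re.I)
CANCEL_RE = re.compile(r"\bcancel\w*\b", re.I)


def classify_sms(text):
    """Return (label, contact_points) for one SMS body.

    contact_points are the URLs and phone numbers embedded in the message,
    i.e. exactly the ones the recipient should never use.
    """
    found = URL_RE.findall(text) + PHONE_RE.findall(text)
    contacts = [c.rstrip(".,!)") for c in found]
    bank = ACCOUNT_RE.search(text) and STATUS_RE.search(text)
    service = SIGNUP_RE.search(text) and CANCEL_RE.search(text)
    if bank and contacts:
        label = "account-suspension lure"
    elif service and contacts:
        label = "purchase/sign-up lure"
    elif contacts and VERIFY_RE.search(text):
        label = "review"  # asks to "verify" via an embedded contact point
    else:
        label = "no match"
    return label, contacts


# Constructed sample messages (reserved example domains and 555 numbers).
SAMPLES = [
    "ALERT from Example Bank: your card has been suspended. "
    "Call 1-800-555-0100 to verify your account.",
    "You have signed up for a dating service and will be charged $2/day. "
    "To cancel visit http://dating.example.test/cancel",
    "Please verify your details at www.example.test/login",
    "Running late, call me at 555-0142 when you land",
]

if __name__ == "__main__":
    for msg in SAMPLES:
        print(classify_sms(msg), "<-", msg)
```

A match is a reason to check with the institution through a number you already have, not proof of fraud; keyword rules like these miss reworded messages.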
Links
- CNET: http://news.cnet.com/8301-1009_3-10171241-83.html
- ConsumerAffairs.com: http://www.consumeraffairs.com/news04/2006/11/smishing.html
