SMiShing: Phishing via Text Messages for Your Identity
As consumers are repeatedly forced to learn, identity theives will attempt to utilize just about any form of communication to part you from private information such as your social security number, your bank account number or your credit card number. Phishing is the use of email or websites that look to come from a trustworthy source, but actually trick people into handing over private information. SMiShing is doing this through SMS messages (text messages) sent to mobile phones.
As reported by the Dayton Daily News, the Better Business Bureau has received reports of SMiShing attempts. One such scam involves text messages sent warning recipients of an emergency with their bank account, and giving them a telephone number to call immediately. The phone number leads to a recording purporting to be a 24 hour banking service, and asks callers to leave their credit card number.
Like any form of phishing, SMiShing can be done in many ways. The text message might ask you to directly respond in order to "confirm" private information like your account number. Or it might direct you to a phone number or website that will ask you to enter your information.
One rule to remember: Never, ever include sensitive information in a text message. This includes social security numbers, bank account numbers, credit card numbers and passwords. Text messages are not encrypted, and an actual bank will not ask you to send such information through a text.
Next, call your bank or credit card company if you get any sort of text message relating to your account. This can quickly let you know if you've been SMiShed, and can help your bank get the word out to others.
- How to Avoid Phishing Scams (antiphishing.org)
- Avoid Identity Theft (ftc.gov)
- What Are The Most Common Ways To Commit Identity Theft? (usdoj.gov)
- Identity Theft and the Law (provided by Schwartz Law Firm, P.C.)
- Protecting Against Identity Theft (provided by Cirignani Heller & Harman, LLP)