Keeping personal information out of the hands of criminals can be a difficult task. They are constantly changing up their scams to try and rip us off.
A favorite tool of cybercriminals is the phishing email. This, of courses, is when a scammer creates an email appearing to be from a trusted source, hoping to steal sensitive data by tricking you into clicking on a malicious link. There's a twist to this scam, making the rounds that could let a criminal drain your bank account.
What's the latest phishing scam twist?
Cybercriminals are now creating fraudulent text messages that are set up like phishing scams. It's called "smishing," short for SMS phishing. The latest smishing scam is so convincing, anyone could fall for it.
What's happening is, scammers are sending text messages that appear to be from a bank to unsuspecting victims. The text message claims, "We have identified some unusual activity on your online banking. Please log in to secure your account." There will also be a link that you're supposed to click on within the text.
Warning: Do NOT click on the link if you receive this text, it's malicious!
The link actually leads to a fake website that looks exactly like the bank's official site. Once there, the victim is asked to enter their sensitive information. If they enter the data, the criminal can access the victim's account and cause all kinds of havoc.
This smishing attack has been spreading like wildfire recently in the U.K., but it's now made its way to the U.S. So beware, you might receive a fraudulent text or phone call purporting to be from a bank in the near future. Keep reading so you can be prepared.
How to defeat a smishing scam:
- Use caution with links - Do not click on a link inside a text that's supposedly from a financial institution. There's a chance it's malicious and will take you to a spoofed site. If you need to log into your bank account, type the web address directly into your browser.
- Phone number - If you receive a text or email claiming to be from your bank, do NOT call the phone number that is provided. Whenever you need to discuss banking details, always call the number that is printed on the back of your debit or credit card. That way you know the number is legit and you're not going to be scammed.
- Security details - You should NEVER reveal your security details like your full passwords or PIN code over the phone. A bank will never ask for your online account password over the phone. They might ask you to answer a preset security question, which is fine, but never your password.
- Be vigilant - Never assume that a text message or email is genuine. Scammers can spoof phone numbers and email addresses to make them look official. Don't click on links within these messages, always type the website address into your browser or call the phone number located on the back of your card.
- Trust your instincts - If a text or email seems suspicious, delete it immediately. Follow up by calling the company using the trusted phone number on the back of your card.
- Take your time - If you receive a call from someone claiming to be from your bank, don't let them rush you into giving them sensitive information. The incoming number could have been spoofed and a scammer might be on the line. Just tell them that you need a moment and you will call them back. Then call using the phone number that you know is correct.
- Don't feel pressured - If the person calling is pressuring you to give them sensitive data, stay calm and refuse. Just hang up the phone and call the company's trusted number to follow up with the issue.