Smishing is spreading – How to spot it

January 27, 2023

By Kim Komando

You’re putting yourself at risk if you aren’t up-to-date on the biggest scamming schemes. There are a lot of widespread cons that many people don’t know about. Tap or click here for seven new scams to watch out for.

Take smishing, for example. While it isn’t all that new, it’s still not the most well-known term. But it’s a spreading issue that threatens anyone who owns a smartphone, so it’s best to find out what it is now.

If you’re scratching your head and wondering what the heck it means, don’t worry. We’ll explain it in this easy guide to smishing. You’ll learn what it is, how to spot it and a few defense strategies.

Smishing steals millions from people like you

It may be a silly name, but it reflects a serious issue. In 2020, cons that started as scam texts tricked Americans out of $86 million, according to AARP. Smishing scams target everyone — and they’re easy to fall for since cybercriminals work hard to impersonate reputable brands and websites.

The FBI had to step in and sound the alarm because it was such a significant threat.

One scary threat you may come into contact with is Medusa malware. It spreads through text messages with malicious links. Click on one and malware will infect your device. This allows crooks to steal data and even take over your phone. Tap or click here to protect your devices from this malware as well as other threats.

Here’s how smishing works

Smishing starts with a text message designed to put you on edge. You’ll see a message on your phone with language that makes you feel like your important accounts are in peril. For example, a message from a new number may say your debit card has been suspended.

Maybe the message warns you of abnormal activity, claiming someone tried to log into your bank from a new device. It might even say you added a new person to receive payments from your bank account. The content may vary, but these texts try to trick you into clicking a link.

Here’s an example of one such text, courtesy of Proofpoint.com:

IRS Smishing Attack Example
Image from ProofPoint

RELATED: How to protect your mobile device from smishing

Once you click the link, you’re sent to a website wherein scammers try to steal your data. For example, if they pretend to be from your bank and you enter your username and password, they could drain your bank account dry. Even worse, they could steal your entire identity.

You never want that to happen. They can commit crimes in your name, slandering your reputation and ensuring you can’t get another job. Tap or click here for three surefire signs someone stole your identity.

Bad guys love to impersonate Amazon

Scammers often pretend to be from Amazon. One out of every three people who reported business impersonators says the criminal pretended to be from Amazon. That’s according to the FTC.

Apple is a close second. Criminals also pretend to be from popular banks like Chase, Bank of America, Citigroup, Wells Fargo and more. Scammers also send out fake messages from Netflix, AT&T, any other brand you may do business with … and even postal services.

FedEx Mobile Phishing Example – Smishing Attack
Image from ProofPoint

How to spot smishing scams before they trick you

These scams can be pretty easy to fall for. That’s why you should watch out for a few red flags, like:

Here’s one warning sign of a smishing scam. Does the text include a threat or warning of bad things that will happen if you don’t click the link? Don’t fall for it — that’s almost a surefire sign of trickery.

On the flip side, be wary of rewards. Texts may promise you’ll get a gift card, cash back or another incredible bonus if you click the link. That’s a sign of manipulation, so don’t let it trick you.

RELATED: How emotions make you easy prey for scammers

We recommend being skeptical of any random text with an embedded link. After all, people and companies usually only send links like this when you’ve reached out first. Say you’re trying to verify an account or sent in an inquiry. Then they’ll send you a link.

But texts with links usually don’t pop up on your phone out of the blue. Thus, you should always look at these sudden texts with caution.

Take these steps to stop smishing scams altogether

Keeping your software and browsers updated is an excellent way to protect yourself from cybersecurity threats. Engineers working on Chrome, iOS, Android and Safari work hard to add new security features to each update. Updating regularly is an easy way to guard against smishing and other threats.

We also recommend taking a step back when you encounter a message that makes you feel emotional. Are you feeling fearful, angry or desperate? Don’t act on impulse.

Instead, look up the alleged company or entity contacting you. For instance, if you get a text from FedEx saying you’re in trouble, don’t respond to the text with a link. Look up the official contact information from the website and check to see if the problem is real or just a fake situation designed by a scammer.

We also recommend using a good antivirus program on your phone and computer. Kim recommends our sponsor, TotalAV, which offers the best protection in the business. It’s received the renowned VB100 award for detecting more than 99% of malware samples for the last three years.

TotalAV offers continuous protection from the latest threats. Plus, its AI-driven Web Shield browser extension blocks dangerous websites automatically, and its Junk Cleaner can help you quickly clear out your old files.

Right now, get an annual plan of TotalAV Internet Security for only $19 at ProtectWithKim.com. That’s over 85% off the regular price.

https://www.komando.com/news/how-to-spot-smishing/