Friday, January 21, 2011

Smishing – Yet another Scam

Phishing, as you know, is when you receive an e-mail from a supposedly trustworthy source such as your bank or Pay Pal, claiming a problem with your account and asking for your user name and password. Now we have what's called "Smishing." It is the latest twist on this type of scam - instead of getting an e-mail, you get a text message. The word "smishing" is a combination of "SMS," for short message service and "phishing."
You're told to call a toll-free number, which is answered by a bogus interactive voice response system that tries to fool you into providing your account number and password. To prevent it, if you get a text alert about an account, don't respond before you verify that it's legitimate. Call your real institution for verification.
Your text message will appear like this:

Although wireless telephone companies are working to block unwanted text messages, users are reporting increasing numbers of “spam” messages and smishing attacks. Adding insult to injury is the fact that users must pay for the text message they get on their cell phones.

How the scam works
The scam is similar to the deceptive e-mail and phone schemes known as phishing and vishing. In all these forms of fraud, scammers try to trick victims into revealing personal information like account numbers, Social Security numbers, and passwords. The personal information is then used to withdraw money from victims' accounts or obtain credit in victims' name.

In smishing scams, cell phone users receive a text message that seems to come from a legitimate source, such as a bank, e-commerce site or other financial institution. The message seeks to dupe users into clicking on a link via the phone's internet connection, or into calling a certain phone number. Both the link and phone are fraudulent, and lead to requests for personal information that can be used for ID theft. Once your identity has been stolen, it generally takes much time and effort to try to regain your lost funds and your good name.

How to protect yourself
Now that you're aware of the problem, it's wise to take a few simple precautions to protect yourself from this growing form of fraud.
• Never respond to unsolicited requests for personal financial information received via text message – even if the request appears to come from a legitimate institution that you do business with. This includes request to “confirm, verify or update” your information.
• Always know who you're dealing with. Don't click on links in text messages, or call numbers listed in text messages. Verify contact information independently, and key in web addresses yourself.
• Put passwords on all your financial accounts.
• Monitor your credit report regularly for signs of irregularities.

No comments:

Post a Comment