Do not open: phish inside

by | Aug 5, 2022 | Security, Web

Warning against SMS Phishing. Victim standing in front of a hooded hacker.

There’s been a large increase in SMS-phishing scams (or short message service) in the past few years. If you receive a suspicious text, especially one with a link, do not open it. If you do get hacked, report it to your local law enforcement and inform your wireless provider and bank.

The Federal Communications Commission (FCC) tracks the number of complaints about these “robotexts” or “smishing” attacks. In 2019, there were about 5,700 complaints. In 2020, that number jumped to 14,000. As of June 30, 2022, there are a recorded 8,500 smishing complaints.

The FCC recommends these guidelines to protect yourself from such attacks:

  • Don’t reply to texts from unknown numbers, or suspicious texts.
  • Do not share personal information over text.
  • Check the email address of the originator—if there is a typo or spelling error, it is not from the company it claims to be.
  • Be wary of any link sent through text. This includes texts sent from people in your contacts. If it seems unlike the person, they could have been hacked.
  • If a business texts you when you were not expecting contact from them, find their number and call them back. Find a phone number other than the one routed through or listed in the text.
  • Keep in mind that the government will almost certainly not reach out to you via text.
  • A bank, also, will not ask for personal information in a text.
  • If you receive a spam text, you can report it to your wireless provider by forwarding the text to 7726 (or “SPAM”).

You can also file a complaint with the FCC.

However, it is important to note that the FCC tracks the number of complaints made, not the amount of phishing messages sent. Independent sources, such as this report from RoboKiller, estimate a whopping 12,000,000,000 spam texts sent within the United States. This estimate equates to 389 million spam texts received per day, or 2.7 billion texts received per week.

Many people who use the Internet understand that there are dangerous links and websites littered throughout. Organizations and people have resorted to password managers, instead of keeping track of every password themselves. But, as consumers get smarter, so do the attacks.

If a person sees an official-looking text about outstanding balances or bank account problems, a reasonable person could fall for it. No one wants their information leaked! No one wants to be a victim of identity theft! But it is this panicked emotion that could be a person’s downfall; attackers leverage that sense of urgency to get people to act on emotion instead of logic.

These SMS-phishing attacks usually want their victims to click on the link in order to give up their personal data of their own volition. Attackers have gained access with this simple tactic. Opening an attachment could wreak all kinds of havoc; protect your sensitive data by being on the lookout for suspicious emails or email phishing.

These tips and guidelines also apply to messaging apps, like Facebook Messenger or WhatsApp. People who have aged with the Internet may have gained the vigilance against phishing emails, but texts and messages are a danger all on their own. Exercise caution and be careful.