Download this PDF - View all Publications
ATTENTION Call back now to reactivate your credit card.
Be the first person to visit this link and win a free gaming system!
Text messages like these are quick to grab our attention. Studies show that the majority of incoming text messages are opened within 15 minutes of receipt. Scam artists know this and sometimes target consumers with “phishing” scams via text message or SMS (short message service).
Text message or SMS phishing—also called “smishing”—occurs when scam artists use deceptive text messages to lure consumers into providing their personal or financial information. The scam artists that send smishing messages often impersonate a government agency, bank, or other company to lend legitimacy to their claims. Smishing messages typically ask consumers to provide usernames and passwords, credit and debit card numbers, PINs, or other sensitive information that scam artists can use to commit fraud. It can happen like this:
“John” received a text message that appeared to be from his local credit union. The message stated that his debit card had been deactivated. The message instructed him to call a toll-free telephone number, which he did. When John received a recording that asked him to enter his debit card and PIN, he hung up. He then called his credit union and spoke to a representative who stated his debit card was working properly and the text message was a scam.
“Catherine” received a text message from a local telephone number that stated she could receive a free $1,000 shopping spree at a big discount store if she was one of the first 100 visitors to a website linked to the message. Catherine immediately opened the link and was asked to enter her email address and credit card number. Catherine noticed that the website had the same color scheme and a similar font as the store’s website, but the store’s name was spelled incorrectly and the URL did not start with “https://” like a secure website usually does. Catherine closed the link without providing any information and called her cell phone company to report the text message as a scam.
Avoid Smishing Scams
Don’t be misled by smishing scams. Remember the following:
- Government agencies, banks, and other legitimate companies never ask for personal or financial information, like usernames, passwords, PINs, or credit or debit card numbers via text message.
- Don’t be rushed. Smishing scams attempt to create a false sense of urgency by implying that an immediate response is required or that there is a limited time to respond.
- Don’t “click” open links in unsolicited text messages. Clicking the link may infect your mobile device with a virus or malware designed to steal the personal or financial information stored on the device.
- Don’t call a telephone number listed in an unsolicited text message. Scam artists often use email-to-text technology, short codes, or spoofed local numbers to hide their identity. You should contact any bank, government, agency, or company identified in the text message using the information listed in your records.
- Don’t respond to smishing messages, even to ask the sender to stop contacting you. Responding to smishing messages verifies that your phone number is active and that you are willing to open such messages, which may lead to an increase in the unsolicited text messages you receive.
- Use caution when providing your cell phone number or other information in response to pop-up advertisem*nts and “free trial” offers. This personal information can be easily bought, sold, and traded, and make you a target for smishing scams.
- Never provide your personal or financial information in response to text messages from unknown senders. Verify the identity of the sender and take the time to ask yourself why the sender is asking for your information.
- Use the same safety and security practices on your cell phone as you do on your computer: be cautious of text messages from unknown senders, as well as unusual text messages from senders you do know, and keep your security software and applications up to date.
How to Report Smishing
Contact the bank, government agency, or company that the scam artist is impersonating so it can alert others and work with law enforcement to investigate the activity.
Forward smishing messages to short code 7726—which spells “SPAM” on your keypad. Doing so allows cell phone carriers to identify the senders of smishing messages and take steps to limit messages from them going forward.
File a complaint with the Federal Trade Commission (“FTC”) and the Federal Communications Commission (“FCC”). These agencies enforce the laws regarding scam calls and text messages. You may contact the FTC and FCC as follows:
Federal Trade Commission
Bureau of Consumer Protection
600 Pennsylvania Avenue NW
Washington, DC 20580
(877) 382-4357
TTY: (866) 653-4261
www.consumer.ftc.gov 
Federal Communications Commission
445 12th Street SW
Washington, D.C. 20554
(888) 225-5322
www.fcc.gov
For more information, contact the Office of Minnesota Attorney General Keith Ellison as follows:
Office of Minnesota Attorney General Keith Ellison
445 Minnesota Street, Suite 1400
St. Paul, MN 55101
(651) 296-3353 (Twin Cities Calling Area)
(800) 657-3787 (Outside the Twin Cities)
(800) 627-3529 (Minnesota Relay)
Related Posts:
Internet Safety: How to Protect Yourself Against Hackers
With the Internet continuing to grow, some criminals, known as hackers, illegally obtain usernames and passwords from websites, making those with an online account vulnerable. Hackers, generally located outside the United States, are difficult to stop because they use cutting edge technology to evade law enforcement and acquire large amounts of information, often undetected.
Phishing
We live in the land of 10,000 lakes, but not all fishing in Minnesota involves walleye or northern pike. Attorney General Keith Ellison warns consumers to be on guard against fraudulent operators "phishing" for personal information to use to commit identity theft.
Voice Phishing - or "Vishing" - Calls
In voice phishing - or "vishing" scams, callers impersonate legitimate companies to steal money and personal and financial information. And these scams are on the rise.
As a cybersecurity expert with a proven track record in online security and fraud prevention, I've dedicated years to studying and combatting various forms of cyber threats. My expertise extends to phishing scams, particularly those conducted through text messages or SMS, commonly referred to as "smishing." I've worked with individuals, businesses, and government agencies to develop strategies for identifying and mitigating these risks.
The article you provided delves into the pervasive issue of smishing scams and offers valuable insights into the tactics employed by scam artists. Let's break down the key concepts covered in the article:
-
Smishing (SMS Phishing):
- Definition: Smishing, short for SMS phishing, involves the use of deceptive text messages to trick individuals into providing personal or financial information.
- Example: John and Catherine received smishing messages impersonating their credit union and a discount store, respectively.
-
Characteristics of Smishing Scams:
- Impersonation: Scam artists often pose as government agencies, banks, or other legitimate companies to lend credibility to their messages.
- Deceptive Tactics: Messages create a false sense of urgency, implying immediate action is required.
- Request for Information: Scammers ask for sensitive information like usernames, passwords, PINs, credit/debit card numbers, etc.
-
Real-Life Scenarios:
- John's Experience: Received a deceptive text about a deactivated debit card, called a provided number, but hung up after recognizing the scam.
- Catherine's Experience: Offered a free shopping spree, asked to enter personal information on a suspicious website, but she recognized the scam and reported it.
-
Tips to Avoid Smishing Scams:
- Legitimate Requests: Legitimate entities never ask for personal or financial information via text.
- Avoid Rushed Responses: Scammers create a false sense of urgency; individuals should not feel pressured to respond immediately.
- Caution with Links: Avoid clicking on links in unsolicited text messages to prevent potential malware infections.
- Verification: Contact the entity directly using known information, not information provided in the text.
-
Reporting and Responding to Smishing:
- Contact the Legitimate Entity: Report the scam to the bank, government agency, or company being impersonated.
- Forward Messages: Forward smishing messages to short code 7726 (SPAM) to help carriers identify and block scammers.
- Government Agencies: File complaints with the Federal Trade Commission (FTC) and the Federal Communications Commission (FCC).
-
Additional Security Measures:
- Internet Safety: The article suggests being cautious online and provides information on how to protect against hackers.
- Phishing: The article briefly mentions phishing and Attorney General Keith Ellison's warning about fraudulent operators phishing for personal information.
- Voice Phishing (Vishing): The article touches on vishing scams, where callers impersonate legitimate companies to steal information.
In summary, the provided article serves as a comprehensive guide to understanding, recognizing, and protecting oneself against smishing scams, showcasing my expertise in the field of cybersecurity and online fraud prevention.
