Remember the ’90s? If you were around when the internet was going through its first growth phase, you might remember the forwarded chain email warning that if you didn’t forward the message to ten of your closest friends, you’d lose your money, your job, your family, or – even worse – would never get to meet MacGyver! While these schemes were usually easy to spot, the modern text message spam or phishing scheme is harder to detect, more personal, and subject to a better return for the scammers. Unfortunately, SMS phishing schemes (smishing) are on the rise, with one recent report observing a 900%+ increase in scam messages in September 2012. While there are other threats posed by the ubiquity of text messaging such as the iPhone SMS vulnerability, the potential for scams makes text message phishing the biggest text messaging threat. The Cloudmark report on iPhone vulnerability shows us that the bad guys are getting smarter – so you will need to as well.
With so much potential for trouble, it could be hard for you to tell what is a real message/alert and what is a scammer attempting to gather information. With an increasing number of mom and pop businesses joining organisations large and small to use automated SMS text messaging, it’s getting even more difficult to decide what messages you should delete and which ones are legitimate. So how can you decide whether to delete the next text you get? Here are some things to keep in mind to help you stay safe.
Do not provide personal information. Ever.
If a message from a number you do not know purports to be your doctor, bank, loan company or anyone else asking for a PIN, password, mother’s maiden name or the name of your first dog, warning bells should be ringing. This indicates that you are probably not dealing with a legitimate alert from a reputable company. Any requests for PINs, passwords, access codes, or personally identifiable information should be a big red flag. Never provide personal information through text message. And if your bank is asking for a PIN via text message, then change banks.
Check the grammar
It’s hard to avoid the fact that TXT slang may be slowly ruining written language, but professional messaging services should not have flagrant misspellings, abbreviations, and other weird jargon. A text that contains symbols, odd abbreviations and slang only acceptable in a teen’s vocabulary should be a warning, and you’ll want to delete that message.
Identify the sender
Some messaging providers like Bulletin allow users to send text messages using a ten-digit number so it doesn’t look like spam – it looks just like a real number. For example, if you send a reminder message to a patient about an upcoming appointment, the message will come from their ten-digit number. Some messaging providers will not offer this feature, so beware.
When in doubt, call the sender
If you are questioning a txt’s validity, especially regarding your bank or other financial information, don’t hesitate to call them at the number listed on the back of your credit/debit card to verify whether a message was sent your way.
Do not rely on the number provided in the SMS message as that is likely to connect you to the scammer. Your bank or credit card company representative should be able to provide you with any information you need and will also be able to escalate the scam to their fraud department for investigation.
Do not rely on TXT alone for communication
If you get a TXT about a horse/dog/bird/phone/chair that politely asks you to pay for shipping/vets/tax/refurnishing then chances are it’s a scam. Do not respond by text message.
If you put your number in an auction and then get a TXT, it may be a scam.
If the sender wants you to send money overseas, it’s a scam.
If it sounds too good to be true, it’s probably a scam. But if not, and you do get millions from a distant uncle who passed away leaving you all his money and the lawyer only wants to communicate via TXT, then you have our deepest sympathies for your loss. If you could see your way to sending us some money it would be much appreciated….
Finally, if all else fails, ask yourself “What would MacGyver do?” It never fails.