Smishing Scams: Protect yourself.

Have you ever received a text message that claimed to be from your bank, Central Bank or Police, asking you to click on a link or call a phone number to verify or re-activate your frozen account? If your answer is yes then you may have been targeted by a smishing scam.

What is smishing? In a nutshell, smishing (a combination of the terms “SMS” and “phishing”), is a form of phishing where you are essentially tricked into giving someone your personal data via a SMS message, which then can be used to steal your account details and money.

In recent years, smishing has become an increasingly common cyber threat, and this trend has gained momentum during the Covid-19 pandemic as people spend more time on their mobile phones. What makes this type of scam more dangerous is the fact that it is not detected as easily as phishing due to its mode of delivery as mobile phones don’t typically filter out suspicious texts.

If you are suspicious of a phishing email sent to you, the first thing you would do is check the email address to see if it is fraudulent. However, with smishing scams, it’s not as easy to recognize the signs as the message can appear to come from a trusted source or company.

What does a smishing scam look like?

Smishing scams often target customers of familiar companies and establishments. Earlier this year, several people in the UAE received text messages that purport to be from Central bank or CID/Police. The text message was encouraging customers to update their EID or their accounts will be closed. Customers were asked to call on the number provided in the text message to avoid blocking the account. This is an example of fraudulent notifications.

Several people in the US received text messages that purport to be from FedEx about pending deliveries, yet were actually fraudulent notifications. The text directed the users to click on a link to track their packages that enabled malware to be downloaded onto mobile devices.

Another recent smishing campaign enticed people to complete a survey where they were asked to provide credit card details to earn rewards and prizes on behalf of Amazon. The victims were later charged monthly for services that they unknowingly subscribed to.

Some scams of these nature can prove to have dire financial consequences for customers.

How to protect yourself

By following a few simple rules, you can easily avoid becoming a victim of smishing scams. The first rule is to refrain from clicking on any suspicious links sent to you in unsolicited texts. Some of these messages may ask you to reply or call a number, which is something you should never do. Replying will only confirm to the scammer that your number is active, and by doing so, you will likely receive more texts attempting to lure you into the scam. Instead, simply delete SMS and block the phone number of the sender.

When in doubt, you can always do a quick Google search to find out if others have received the same message or check with the company that purportedly sent the text to determine if it is legit or fraudulent.

What to do if you took the bait

If you already clicked on a suspicious or fraudulent link, you can still take steps to keep your device and personal data secure. Start by installing an antivirus app that can scan your device, detect the virus and fix the problem before you lose any valuable information. Antivirus apps can be your best line of defense against future smishing attacks so it would be a wise move to download antivirus/anti-malware on your mobile device, even if you have not yet received any suspicious text message.

As soon as you realize that you have been targeted by a smishing scam, take a screen shot and report it to the company concerned immediately, as well as your bank (if the SMS is from the bank). Call the bank on the number found at the back of your debit/credit card. This will help minimize any risks or losses and prevent others from falling prey.

Be cautious

While you may be tempted to give in to the idea that it may just be your lucky day and respond to claim a prize, if you don’t remember entering a competition in the first place, the chances are that it is not legit. Also keep in mind that the Apple Store and Google Play Store are the standard trusted platforms you should be downloading apps from, and companies should not be asking you to click on links or download apps via SMS.

By staying alert and following the above-mentioned tips, you can steer clear of smishing scams and keep your device and money safe.

Don’t forget to share this article with friends and family if you found it useful!

Joumana Saad is an American freelance journalist and media personality based in Dubai. She writes about financial, media and technology news and topics.

The content reflects the view of the author of the article and does not necessarily reflect the views of Citi or its employees, and we do not guarantee the accuracy or completeness of the information presented in the article except information on Citibank N.A. – UAE products referenced herein.

Related articles

Dec 17, 2019 - CRYPTOCURRENCY
What is a bitcoin and how does it work?
Dec 17, 2019 - FINTECH
The era of FinTech.