October is National Cyber Security Awareness Month, so this month we’ll be featuring blogs that focus on keeping your online information protected. For more information visit http://www.staysafeonline.org/ncsam and keep checking the Payza blog for tips on keeping your important data secure.
We’ve all heard about phishing scams, right? A crafty con artist reaches out to you under the guise of your trusted financial institution and urges you to divulge highly sensitive personal information, such as your Social Security/Insurance Number, home address, bank account numbers, passwords and PINs.
Well, there’s a newer form of scam that bears a major resemblance to phishing – it’s called “smishing”. Go ahead – laugh at the name. The name sounds funny but if you fall victim to the scam you won’t be laughing anymore. Smishing is similar to phishing in that the person behind it poses as your bank, or other trusted institution, and tells you that they need to confirm your bank account number as a matter of great urgency. But rather than conduct this nasty little bit of trickery through email, they do it through SMS text messaging.
Text-messaging is the most commonly-used non-voice mobile phone feature, if you’re unfamiliar with this scam it’s easy to get taken, and that’s the reason for its rising popularity – as many as 30 million smishing messages are sent to cell phone users in the U.S., U.K. and Europe alone. That’s a lot, and it’s on the rise. But why is this scam suddenly so popular? Most people see their mobile phone as an inherently safe piece of technology, but they are essentially miniature computers that need as much protection as a laptop or desktop because they are just as susceptible to malware and phishing attacks.
Luckily, you can protect yourself with a little effort and technical know-how. Here are some tips to follow:
- Don’t click on any links in the suspicious SMS. They will likely lead you somewhere you don’t want to be, or can act as a conduit for malware and other threatening annoyances.
- Directly contact the institution that has allegedly sent the SMS, and confirm with them that they sent it.
- Forward smishing texts to “7726” so your cell phone provider can mark it as abuse.
- If you’ve already fallen victim, you can contact 1-877-HELP (4357),the Federal Trade Commission (ftc.gov), or any other government office applicable in your country.
- Consider adding security software to your mobile phone, like McAfee’s Mobile Security feature (http://www.mcafee.com/us/products/mobile-security/index.aspx). There are also free options, like the software offered by Avast (http://www.avast.com/free-mobile-security).
- Because most Smishing attempts actually come from the internet and not from a cell phone, you can also look into the “block texts from internet” feature. Some cell phone providers offer this kind of service.
The best tip we can give you is the most effective one: listen to your gut. If something inside of you tells you that a particular SMS is suspicious, heed the warning and delete, delete, delete. Or just ignore.
There’s another form of phishing – called “vishing” – that involves voicemail rather than email or SMS. A scammer might leave a message on your voicemail posing as a representative from your bank or another company/institution asking you to call them back or email them with – you guessed it – some personal information. Keep in mind, your bank would never ask for your information this way, and neither would your cell phone provider or any legitimate government office.
Some vishers bypass voicemail altogether, and will speak to you directly and ask for this information. Some of them can be very convincing and persistent, so the moment you sense something weird, just hang up. Don’t even worry about being polite. You should call the actual company you deal with and ask them if they just contacted you about such and such an issue. More often than not, they won’t know what you’re talking about.