Text Scams: The Long Lost Eleventh Plague of Egypt

March 15th, 2018 by admin

You’ve probably seen phishing scams before...you may have even forwarded a few. (It’s ok, this is a safe space.) We want to make sure you are aware of SMS phishing because it’s even more devious than regular phishing scams, it’s downright dastardly. But don’t worry, a little learning and you’ll have nothing to fear. SMS phishing is a relatively new scam, the earliest in modern history happened around 2012, but some hieroglyphs depict the practice as early as 1400 BC. It’s essentially the same principle as email or messenger phishing, where bad guys send messages and/or links that are meant to get the unsuspecting victim to reveal personal information or credentials. What’s different with SMS phishing is that text messages generally don’t go through the same process of filters that most email and web messages do. SMS firewalls exist, but aren’t standard issue in your phone’s operating system. That means scammers are free to attach links and even some files to their messages, and you are your only defense. To help you identify these scams, we have some examples from USA Today below:  
  • Dear customer, Bank of America needs you to verify your PIN number immediately to confirm you’re the proper account holder. Some accounts have been breached. We urgently ask you to protect yourself by confirming your info here.
  • “IRS Notice: Tax Return File Overdue! Click here to enter your information to prevent being prosecuted.”
  • Your entry last month has WON. Congratulations! Go to [URL] and enter your winning code – 1122 – to claim your $1,000 Best Buy gift card!
  • Beautiful weekend coming up. Wanna go out? Sophie gave me your number. Check out my profile here: [URL]
  If you aren’t careful, Sophie is going to steal your identity. What each of the above text messages have in common, is that they want you to click a link and enter personal information. That being said, even clicking the link can be harmful and some attacks could be completed with nothing but a click. SMS scams are tricky, largely because users aren’t expecting them like we do with email. With a cautious eye, each of these can be identified as harmful (or at the very least, as something that needs to be questioned) without clicking the link. Generally, never click a link in a text message if you can help it. If the message claims to be from the government, you can always call the related departments to see if there is an issue. If it’s a sweepstakes you never entered in the first place – just no. Lastly, if Sophie is giving your number out to some hot vixen, give them (Sophie or hot vixen) a call before clicking the link to stalk their profile. In addition to being careful, you can always call your IT support if you get a suspicious message and you aren’t sure if it’s legitimate.   There are several big brands of SMS firewalls that could be very useful for company or personal use. A little bit of caution goes a long way, and it will probably be enough to keep most people out of trouble. Let us know if you want to hear more about SMS phishing, or to get a look at SMS firewalls. As a general rule, be careful and suspicious when reading and responding to text messages from unknown numbers, and you’ll have nothing to worry about.

Posted in: Protection, Security, Tech Tips, News, Technology