Smishing

A Public Service Announcement

Last week I tried to log into my online banking account on my computer and was greeted with a message that it was REVOKED, a scary word.  Therefore, I immediately called the phone number supplied and after a few minutes was told that there were no notes about the action.  I was told that I should visit my closest bank branch immediately because I may have been a victim of smishing.

I had never heard of smishing.  But, I did, immediately, go to the bank where the bank officer also could find nothing wrong with my account and had to call up the chain to find out what was wrong.  She had been away so was not up-to-date on the fact that my bank had frozen a group of customer accounts who “may” have been targeted by smishing.

At that point, I asked about smishing and was given an explanation.  We reset my online banking ID and password and, after 24 hours, I was back to normal.

After talking with several people, I found that nobody I talked to had heard of smishing.  So, I’m posting this information.

First, a few definitions:

Phishing is the criminal practice of sending phony emails containing links to websites that, then, attempt to collect personal information from you.

SMS is the acronym for Short Message Service which is how text messaging works on your cell phone.

Hence, the word smishing combines SMS with phishing.  It is fraudulent text messages that usually contain links to a website that, like phishing, attempts to get you to reveal online IDs, passwords, your social security number and other personal information.

DO NOT respond to text messages that are not from a recognizable source.

Fortunately, I ignore text messages that don’t come from somebody I know or appear to be advertising, etc.  I don’t even answer cell phone calls that don’t have ID or are from people I don’t recognize.  I ignore them and let them go to voice mail.  As a result, I’m rarely subject to telemarketers.

More on smishing

“In many cases, the smishing message will come from a “5000” number instead of displaying an actual phone number. This usually indicates the text message was sent via email to the cell phone, and not sent from another cell phone.”   – Webopedia

“Put simply, smishing is any kind of phishing that involves a text message…. Another option used by smisher is to say that if you don’t click a link and enter your personal information that you’re going to be charged per day for use of a service.  …  Never install apps from text messages. Any apps you install on your device should come straight from the official app store.”  -Norton

Apparently, another technique “… makes consumers think their financial accounts may be compromised, and therefore they follow the fake URL or call a fraudulent phone number even if they suspect it is a scam. But identifying the scam is a consumer’s first defense from becoming a victim of the crime.”  -Kelly Santos, Credit.com @ Yahoo Finance

My bank recommends changing banking IDs and passwords every 6 months.  It’s a pain but, “better safe than sorry.”

In conclusion, be aware of smishing and phishing and other scams and devise your own procedures to try to avoid them.

I hope this was helpful.  Stay smart, stay safe.

All images shown here are reportedly public domain images.