Cybercriminals are always looking for new ways to go “phishing” for your personal information. When tried and true methods grow tired and easy to spot, they’ll often shift their approach. Their latest tactics? Text message and social media scams.
As would-be fraudsters continually change course, we continue to be your ally and help you stay up to date on the newest cyber threats.
Watch for these smishing tactics
Say you’re busy working on an upcoming presentation at work and your phone buzzes. Or perhaps you’re chasing your toddler around the house while simultaneously making dinner and your phone emits a loud ping. You’ve received a text saying your phone bill is late and a link to pay it quickly.
With your mind on other things, your first instinct might be to click the link to quickly resolve this issue. After all, you don’t want to forget to pay your bill and get hit with a late fee. The problem? This text that looks like it’s helping you avoid a late payment is actually a message from a scammer.
Smishing, or SMS phishing, is when a cybercriminal sends you text messages claiming to be from a reputable company, organization or person in an attempt to convince you to reveal sensitive information like passwords, credit card numbers and more. Often, criminals try to steal your data or money by tricking you into clicking a link, revealing personal details or login information.
Fast Fact: Smishing is on the rise, costing victims a significant amount of money. In 2021, consumers lost $131 million as a result of SMS phishing attacks.
You may be aware of the security risks involved with phishing scams and clicking unknown URLs in emails, but the dangers are less well known when it comes to texts. Don’t be inclined to trust a text message any more than you do an email.
Unfortunately, it’s just the latest trick. You also need to watch out for job hoaxes, deposit scams and tax fraud.
Stop smishing in its tracks
You can help readily protect yourself against smishing scams by remembering to:
1. Beware of payment requests
Ask yourself if it’s typical for this company, service or person to send you a text message.
2. Pause before responding
If you’re in a rush, you could miss the potential warning signs of a cyberattack.
3. Look closely at the text
Like most phishing attempts, mistakes in the message can alert you to the fraud attempt. Common signs include: the sender doesn’t have the correct amount of digits in their number, words are misspelled and/or the link URL might not match the alleged source of the text.
4. Do not respond
Trust your gut if something seems off or if you have any doubts about who sent the text.
5. Follow-up separately
If the text appears legitimate, but you still aren’t 100% sure, try to verify its authenticity. Visit the website of the alleged sender and give them a call at the number listed. Or log in to your account to view your payment status.
Always be cautious, double-check requests and utilize these tips when handling suspicious messages.
Keep tabs on these social media red flags
Popular movies and streaming services often depict shocking social media schemes where cybercriminals scam millions from unsuspecting victims. These scams may seem obvious when viewing them on screen — giving you a feeling of immunity against these attacks. But in reality, social media scams can be subtle and difficult to detect, despite becoming increasingly common.
Some typical social media schemes include:
Be wary of unsolicited investment offers, particularly those for cryptocurrency. And remember, if it sounds too good to be true, it often is. Words like “guaranteed” returns or “incredible” gains are hallmarks of fraud.
If you’ve never met someone IRL, you should always view requests for payment and loans as potential red flags.
Scammers may hack your friend or family member’s profile and contact you, urgently asking you to send money or promoting fraudulent links or cryptocurrency.
Online shopping scams
You might order a product marketed on a social media site, but it never arrives.
Fast Fact: The FTC has warned that scams started on sites like Facebook, Instagram and other social media sites doubled year-over-year in 2021, leading to $770 million in consumer losses.
While these are the most recent schemes, be aware of other trending scams, including WFH and tech support fraud.
Pull the plug on social media scams
Help keep yourself safe from these scams by taking the following actions:
1. Update your security settings
Set your social media profiles to private and restrict your contacts to people you know personally.
2. Beware of anyone asking for money
Don’t respond to social media posts for “easy money,” and be wary of all requests to send money to a possible romantic partner you’ve never met in real life or a potential employer.
3. Double-check any offers
Before you buy anything, verify the company making the offer. Search online for its name plus the words “scam” or “complaint.”
Remember to stay vigilant and be cautious as you scroll through your feeds. Scams can be hiding in between posts from your friends and loved ones. Our Security Center has additional tips to help keep you and your information safe on social media.
Stay one step ahead
Cybercriminals often switch up their strategies, but you can spot their newest tactics by staying alert, asking questions, verifying everything and keeping yourself informed.
Helping you maintain the security of your personal and financial information is one of our top priorities. For other ways to enhance your online safety, visit our Security Center.