How to recognize and avoid smishing attacks

From “family emergency scam” to “your parcel is arriving, track here,” smishing texts rely on different tactics to convince users to reveal personal information. Smishing (meaning phishing via SMS) is when fraudsters send an SMS to trick you into divulging private information.

How it works: The hacker sends an SMS with a link, claiming that clicking the link is essential to solve a problem (with a delivery, parcel, blocked or suspended card or account, helping a family member, etc.). Clicking the link will direct the receiver to a fake website asking him to provide personal information onto a (fake) form or download malicious software that will track and collect data from the device.

What to look for

It can be challenging to assess the authenticity of a text message. As a general rule, do not click on any link sent via text message if it asks for your personal information, like bank details or social security number.

Here are some signs that an SMS might be a phishing attempt:

1. Unknown/ hidden numbers – In some cases, scammers are hiding their identity, but they can also “spoof” a local number to seem “authentic.”
2. The (pretended) sender. Institutions such as banks, IRS and debt collectors never request personal or financial information via SMS. (Read more about the yearly tax return scam.)

Impersonated websites, logos, names – Fraudsters are getting better at imitating actual brands and institutional communications – fewer grammar or design mistakes to raise suspicion.

1. Refund/reactivation scams. Don’t reply to messages claiming you must receive money or re-activate an account. Instead, find out if that’s the case by contacting the company or service provider directly.

What you can do

Ignore all messages urging you to fill out forms or click links. For an extra layer of security, get mobile security software that includes anti-phishing protection, antivirus protection, web protection, anti-theft tools, and app scanning, like Bitdefender Mobile Security. It will prevent you from accessing web pages that contain malware, phishing, or fraudulent content, keeping you safe even if you click a link by mistake.

The Malware Scanner, to single out only one of its multiple technologies, defends you against a wide range of threats, from ransomware to hidden apps that try to scam and steal from you.