If you have recently received a bunch of suspicious texts from unknown numbers, you are not alone. Hopefully these missives tripped your alarm and you didn't click on them because they aren't legit. They are a new iteration of the scam in which thieves hide behind a screen in order to trick you into giving them what they want. The update on the classic con is called smishing and it's a combination of texting andphishing. Don't feel bad if you think the texts are legit. They are cunningly designed to take advantage of this unique moment in tech, a time when the dangers of an increasingly complicated and online economy have us returning to the relative simplicity of the dumbphone era. We put together a primer on how to spot and avoid smishing scam when we have off days.
Gmail has correctly determined that this email is not from the real Illuminati. Credit: Screenshot: Gmail
Smishing scam are the same as email scam but are easier to deploy. A bunch of official looking messages from a spoofed number can be used for ID theft and account pilfering.
While email services have gotten better at weeding out the bad stuff over the years, phone carriers and manufacturers are still in the early stages of developing their own filters. The general public has become more and more aware of the dangers of phish threats. Instead of wasting energy trying to recreate the look and language of a genuine Bank of America email that will not only fool artificial intelligence, but also the end user, scam artists have taken to the easier route of sending messages to tons of numbers with the hope that someone will take them. Occasionally, the message will try to get the recipient to install data-harvesting malware on their computer. The method is more common for users of the most popular operating system on the planet, as it gives them more freedom to download apps from unvetted sources.
It's much harder to recognize an email as a scam than it is to clock a smishing text off. When compared to the type of text we receive from our friends and family, many of the authenticSMS messages businesses send look quite ugly. There are many reasons for these aesthetic issues. The company could have hired a third party to do the work. While going from a computer drafting program to a text message service, it's important to remember that the format can be different from carrier to carrier. The human may have had a weird sense of what looked official.
Credit: Screenshot: iMessage
Moana failed to consider human error as the culprit behind her misspelled name Credit: Screenshot: Whocallsme
Sometimes real texts are mistaken for scam texts, because this method of corporate communication is so strange and unfamiliar. Ikea sent this text to Waitline. It was sent and received at a store in Burbank, Calif. Many people wrote the message off as fake because it was from a phone number that was revealed by a search engine.
Do you think about it?
One of the easiest ways to avoid being a victim of a smishing text is to use common sense whenever possible. Are you a Chase customer? Is that not true? If that account isn't there, it's unlikely they're locking you out. Do you think you will get a package? Is it from the shipping company? It is advisable to comb through your emails for an order receipt and/or tracking number to look up the shipment yourself rather than click on a random link in a text. You will never win a prize if you click a link sent by an unknown number, and this should come as no surprise.
Make sure the sender is checked.
Let's assume the text is from a company you use. The sender should be reviewed. Green bubbles will almost always show up in such messages thanks to the use of the VOIP services. If you send an email with an iMessage message, you can get a second chance at success in your messages. A simple look at the senders contact card can show an email address that is not from the real company.
Credit: Screenshot: iMessage
A glance at the sender is often all you need to determine a text’s authenticity. Credit: Screenshot: iMessage
The number 5000 is an indicator of the email-to-text services that the scam artists use.
The text needs to be inspected.
Smishing texts have telltale signs about their authenticity. The first thing to look for is obvious gaffes like misspelled words or incorrect spelling. No Fortune 500 company will send out communication that is sloppy. The scammers want you to abandon your common sense. Smishers use truncated URLs in text messages. Their scam works by convincing the user to click a link to a shady site, so they'll often create a URL that's front loaded with legit bits and hope the phone's URL protocols hide the more obvious part of the address stuffed at the back. It is a good rule of thumb to never click on links from people you don't know. If you are genuinely concerned about any claim a smisher is making in their bait text, you can always investigate by logging into your account through the normal methods.