The word might sound funny to say, but make no mistake, SMiShing is no joke. Known as the little sister of phishing, SMiShing is another cybercrime meant to dupe you into revealing your personal information, such as passwords or credit card numbers, which criminals then use to steal your money or your identity.
SMiShing, short for "short message service" phishing, is on the FBI’s Internet Crime Complaint Center list for cybercrimes to watch out for.
A relatively new form of cyberfraud, SMiShing usually appears as a text message from your financial institution or credit card provider alerting you that your account has been compromised and encouraging you to take immediate action. For example, you might receive a text message that requests you to click on a link to receive an important message from your financial institution regarding unauthorized charges to your account. The message might also ask you to call a phone number to discuss a problem with your account. Whatever the request, the result will be the same. Cybercriminals will use the information to commit fraud, either by getting you to type in your account information or by installing malware or keyloggers that will extract your personal information without your knowledge.
"Many Americans are aware of the scams that target emails or websites," says Becky Loggins, Manager of Fraud Communication Strategy. "However, there’s often a false sense of security when it comes to text messages, simply because people aren’t used to hearing about text message fraud and tend to trust that a message originates from a legitimate source."
You can protect yourself against SMiShing by being wary of any unsolicited text messages you receive and taking the following precautions.
- Avoid clicking on links in text messages. Links are often used to install malware or keyloggers–software that tracks your keystrokes.
- Never respond to a suspicious text message. If you receive a text message related to finances that isn’t from your financial institution, don’t respond. Like website links, text responses can be used to verify your phone number and gain access to your personal information. Some financial institutions, like Navy Federal, will use text messages* to verify suspicious purchases, but those texts will never request personal information. Check with your financial institution to see if it offers SMS text banking or mobile alerts so you know how to tell the difference between a legitimate message and a fake.
- Always be on alert for any text that looks suspicious. Contact your cellphone service provider to report the incident and block future texts from that number. Navy Federal will never reach out to members asking for personal information via a text message. You can rest assured, if you do fall victim to credit card fraud or identity theft, Navy Federal has the resources to help you recover.