PORTLAND, Maine — Rich Brooks from Flyte New Media in Portland joins us on 207 regularly to talk technology—the good, the bad, and the criminal. In this conversation we focused on the last of those three. Here are the talking points Rich provided about how to protect yourself from text scams.
Scams delivered through smartphones are growing in popularity. How can you identify a scam from a legitimate text, and what should you do if you realize you’ve fallen victim to a scam? First off, what should we know about text scams?
You may have heard the term phishing, which describes when scammers try and trick you into giving away personal information. You may also know that texting is often referred to as SMS, or short message service. So the unfortunate name for text scams is “smishing.”
Coincidentally, just the other night at dinner I was smished. I received a text letting me know that Oral-B wanted to pay me $500/week to wrap my car in ads.
How does a scam like that work?
They send you a check but some of that money needs to pay for the installer, and you need to pay for that via a money order. Your money order is legit, but their check is not. You pay for the money order and you owe your bank money when they discover the check is bad.
This is just a variation on a popular scam where you get paid money, but you need to pay some of that money to a third party. That’s a huge red flag.
What are some of the other ways that scammers use your smartphone to get to you?
Sometimes they’re looking for personal information for identify fraud or to access your accounts with sensitive information. They convince you to provide your SSN, your mother’s maiden name, or some other information that gives them access to unlock other accounts.
Other times they want you to click on a link from within the text. You might get a text about the status of your FedEx package and you need to click on a link to learn more. Even if you weren’t expecting a package, you might click on that link which takes you to a website that infects your phone with malware.
Besides getting personal information or infecting your phone with malware, how do they get money from you?
Emergency texts - sending an email about a loved one being in the hospital or in jail and needing emergency funds.
Refund scams - telling you that you have overpaid for something and that you are due a refund. They use this ruse to get bank routing information from you and then they can take money from your accounts.
Reactivation scams - telling you your account has been hacked and you need to login to reactivate your account. They send you to a spoofed website and capture your login information there.
How can we defend ourselves?
Recognize that anyone can fall for these. While it’s sometimes easy to believe that only naive or greedy people would fall for these, a recent study showed that 97% of consumers couldn’t identify all the phishing scams presented to them. Scammers are getting more sophisticated, and if they use a technique you’ve never seen before, it can be disarming.
If it’s too good to be true, it probably is. You didn’t just win a contest you forgot you entered, nor is a Nigerian prince looking to help you out.
Don’t give out any personal information if you’re unsure of who’s on the other side. Don’t click on unknown links. And if a random stranger tells you there’s an emergency with a family member, ask some questions that only they would know. In short, clicking on a link or replying is the easiest way to take action, but it is likely not the safest.
If we realize we have fallen for a scam, what should we do?
Cancel any relevant credit cards. Inform you cell phone carrier. Change your passwords on any relevant and important apps, especially banking, social media, or anywhere else you have sensitive info.
Report the suspected text spam directly to your carrier or the FTC through their complaint assistant.