Phishing

Phishing
SHUTTERSTOCK

Like the old adage about finding true love goes, “There are plenty of fish in the sea!” In the digital world of cyber hacking, they’re known as “phish,” a scamming tactic used to trick people into revealing confidential information about their bank account, credit card, or other personal accounts. These phishing attempts first started out as phone calls and emails, but now cybercriminals can also reach you via SMS (text message) through a popular phishing scam dubbed “smishing.” “A good general rule of thumb for a text from someone you don’t know is to just ignore it or delete it,” says Stephen Cobb, senior security researcher at ESET, a company that makes antivirus and Internet security software for businesses and individuals worldwide. “I think blocking is an option if you’re getting messages from the same source all the time, but the smarter criminals will rotate the numbers they come from.”

 

Advertisement

The “acquaintance” you never met

The “acquaintance” you never met
Shutterstock

Some scammers act like someone who appears to know you and lure you in with a friendly message. USA Today reports that the message may look like this: Beautiful weekend coming up. Wanna go out? Sophie gave me your number. Check out my profile here: [URL]. Smishing attempts try to use common names like Don or Ann that aren’t too obvious or hard to pronounce because they want to maintain their not-so-suspicious facade.

Your package is pending

Your package is pending
Getty Images

Getting a text message saying that you have a package waiting for you might seem tempting, but think before you click on anything. A new text message scam has been making its way around the country. People have reported receiving messages saying: [Name], we came across a parcel/package from [a recent month] pending for you. Kindly claim ownership and confirm for delivery here, and then a link. Clicking on the link and inputting personal information potentially allows cybercriminals to steal your identity, empty your bank account, or install malware on your phone.

 

Your bank is closing your account

Your bank is closing your account
Via iPhone

Cyber hackers often disguise themselves as trusted institutions like your bank or utility company to sway you into giving up your password, PIN, or other personal credentials. The message may read something like: Dear customer, Bank of America is closing your bank account. Please confirm your PIN at [URL] to keep your account activated. Messages of this nature also contain urgent language such as “If you don’t reply within 24 hours, your account will be closed.” Cobb says it’s best to go directly to the company that is purporting to send you this scary message. It may require a call to your bank, but at least you’ll have confirmation from the source that your personal credentials are safe. You have to be careful online shopping as well.

You’ve won a major award

You’ve won a major award
Via iPhone

Everyone loves to win prizes—unless it’s a smish prize, which is more of a win for the hackers and a loss for you. Often times, this type of text will be written as: You’ve won a prize! Go to [URL] to claim your $500 Amazon gift card. If you don’t remember entering a contest for anything, do not click on the link, or you may inadvertently be going to a link that downloads malicious code like malware onto your phone, which can damage or disable your phone.

Stay a step ahead with these password mistakes hackers want you to make.

Your debit card is locked

Your debit card is locked
Getty Images

Nobody wants to run into problems with their bank. That’s why when you receive a text alerting you that your debit card is locked due to suspicious activity, it’s very tempting to click the link the text provides to solve the problem—which is exactly what you shouldn’t do. “Don’t reply to an email, phone call or text message that requires you to give your personal or account information either directly in the email or on a website the email sends you to,” says Chase on their website. To avoid being scammed, it’s best to contact Chase directly to find out what’s going on with your account rather than clicking on any link a text message is sending you.

Set your delivery preferences for your FedEx package

Set your delivery preferences for your FedEx package
Getty Images

It’s always a relief to be notified that the FedEx package you’ve been waiting for is delivered. However, it’s best to take a second before clicking on a text that’s supposedly from FedEx. According to CNN, the text messages show a supposed tracking code and link to “set delivery preferences.” The link directs people to a fake Amazon listing and then asks them to take a customer satisfaction survey, after which they’re informed that they won a free gift. Wonderful, right? All they have to do is put in their personal and credit card information—now what could go wrong with that? “FedEx does not request, via unsolicited mail, text or email, payment or personal information in return for goods in transit or in FedEx custody,” FedEx said in a statement. If you receive a text of this kind, it’s best to contact FedEx directly to find out what’s actually happening with your package. If you receive a phone call from your own number, ignore it.

The bottom line: Don’t click any suspicious links

The bottom line: Don’t click any suspicious links
Shutterstock

The links in smishing scams often contain malicious code that can encrypt your files and lock your phone. If that happens, smishers essentially hold your phone hostage and will demand money in return for access back into your phone. The code may even give them access to all of your personal online accounts. “The text component is important because a lot of accounts we have now are using a text code to authenticate you,” says Cobb. If the bank or Amazon asks for the text code they sent you to authenticate your identity, the hacker could intercept that code and access your account remotely. “It’s also a good idea to update your phone to the latest operating system,” says Cobb. “Most of the operating system upgrades for smartphones include security improvements.”

An additional precautionary step to safeguard your phone is to install a reputable app or software that’s made for mobile device protection. One of these security solutions includes ESET Mobile Security for Android devices, which has an anti-phishing feature that prevents you from clicking on links within a message that are malicious. A spokesperson for ESET says, “A product like this is a good layer of security to have in case you are tempted to click, or the scam looks so legit that you don’t even think twice and intuitively click (as many do).”

Make sure you hang up immediately if you hear this phrase when you pick up the phone and definitely look out for these online shopping scams everyone should be aware of.

Sign up here to get Reader’s Digest’s favourite stories delivered straight to your inbox–for free!

Source: RD.com

Never miss a deal again - sign up now!

Connect with us: