Unwanted messages, calls, emails, and solicitations bombard people on a regular basis. Those who know better simply hit delete or ignore them, quickly identifying that these are scams. However, not everyone is as well-informed when it comes to identifying such schemes, especially in times of crisis like the COVID-19 pandemic.
Many scammers take advantage of crises or times of fear to prey on the vulnerable for monetary purposes. Their tactics include phishing emails and sending attachments (claiming to provide more information about the virus) to deliver malware. Data shows that in the UK, there have been reports of more than 500 COVID-19-related scams and over 2,000 phishing attempts to exploit fears, with a total loss of £1.6 million.
Email and social media networks are known channels where users should keep watch of fraudsters, but there’s another important channel that people should look out for scams: SMS.
Roughly 5 billion people around the world can send and receive SMS messages, which makes them a great channel for potential scammers. Let’s have a look at more interesting facts about SMS messaging:
- Text messages have a 98% open rate.
- 10% of SMS marketing messages are spam as opposed to roughly 50% of email messages.
- 31% of mobile users have received an SMS message from unknown senders asking them to click on a suspicious link.
- Around 92% of text spam messages fall under the scam/fraud category.
As online shopping and mobile banking become more prevalent, smartphones are making it more convenient to connect and perform transactions online. That said, the more connected we are, the easier it is for us to become targets for fraudsters.
Below is a quick infographic to help you spot common SMS scams and avoid falling into their traps.
An Overview of SMS Scams
In India alone, a survey shows that about 96% of Indians receive unsolicited text messages daily, and 70% of them still receive spam messages despite registering on the “do not disturb” (DND) list. Spam messages are usually harmless promotional material, but some are more malicious and aim to acquire the target recipient’s name, address, and even bank details.
Spam SMS is glaringly obvious sometimes, yet many people still fall for it. The best you can do is not show any interest in what the suspicious message requests for or promotes.
Data shows that there has been a significant spike in SMS phishing in 2018, mainly targeting the financial sector. Mobile-specific phishing tools imitate login screens of legitimate mobile apps, making it more difficult to track and respond to compared to traditional phishing attacks.
Phishing for personal details over SMS is common via hyperlinks. Watch out for the domain URL as it can look similar to the company’s actual domain but with subtle differences. For instance, a phishing domain might use something like “supportatapple.com,” whereas the official Apple support domain is “support.apple.com.”
SMS Originator Spoofing
SMS originator is also known in the industry as SMS Sender ID or sender. The spoofing happens when the malicious hacker alters their sender ID and uses the display name or number of the identity they’re trying to imitate. This tricks the recipient into trusting the sender and into providing the information they’re asking for.
Spoofing scams aren’t easy to spot right away since they pose as a reputable brand or company. One way to avoid them is to confirm the message’s validity through the brand directly on another channel, whether via social media networks or email. If you suspect anything fishy, always double check by verifying.
SMS Malware Attack
In 2018, there was a jump in activity of a backdoor malware app targeting Android devices. It tricked mobile users into installing the app by sending SMS messages redirecting to a third-party download site, exposing the devices to attacks.
Malware attacks give cybercriminals access to just about anything on your phone. You can’t vaccinate your smartphone, but you can steer clear of malware attacks by being wary of what not to click. You can also install an antivirus app on your smartphone to protect it against viruses or various types of malware.
Common SMS Scam Tactics
SMS scams are on the rise as more people become knowledgeable enough to spot traditional email phishing schemes and other fraudulent messages. These messages are often sent from an automated dialing system aiming at a specific area code or region. Meanwhile, the mobile numbers are obtained by stealing customer information from banks, companies, or elsewhere on the internet.
SMS/text message fraud is inevitable in a mobile-first world. But the growing threat of text messaging fraud brings greater opportunity for online criminal activity. The most common fraud schemes used are family emergency texts to shake up the victims, refund scams, account reactivation text, random prize or giveaway scams with a catch, and delivery scams.
Many scammers masquerade as a business or as a familiar brand to provide a sense of legitimacy and they usually use persuasion techniques to drive their targets to bite.
Tactics like these work because they attack a user’s pain points and vulnerabilities, motivating them to act against their better judgement. Furthermore, text messaging doesn’t have a stringent filter software like emails do, making it harder to detect fraud.
More Tips to Avoid SMS Scams
- Don’t click on any unknown messages with suspicious links.
- Do report SMS scam messages or file a complaint with your carrier or raise the issue to the brand or company being imitated so they can alert their customers.
- Don’t respond or engage with suspicious messages, especially those that sound too good to be true.
- Do update the passwords you use online, specifically your online banking passwords. This is important if you think you may have already fallen victim to a scam. Resetting your passwords will make it difficult for the hacker to continue accessing your account.
- Don’t give away your personal information willy-nilly. Reputable brands generally don’t ask for your personal information out of nowhere. You won’t fall victim to SMS scams if you ignore the message or click on a link.
- Do conduct a quick search to check if the number appears on spam-check or phone number lookup sites. Always verify the domain of legitimate websites.
- Don’t indulge in messages that urge a quick response. Contact the bank or business associated with them to check if it is a legitimate request.
- Do install a trusted anti-virus app on your phone to protect it against Trojans, spyware, or viruses, and download only from the official app store.
Don’t Fall Victim to SMS Scams
There can be a lot of anxiety about receiving malware, spams, and getting scammed through SMS messages. Scammers only have one goal in mind: to steal your data for their own benefit. It’s important to be more dubious of any SMS messages you receive that aren’t from the people or brands that you trust. There’s no harm in being diligent and careful to keep yourself from doing something you’ll regret.
Scams won’t ever stop coming. You can get rid of a few, but more schemes will pop up again in the future as motivated hackers become more sophisticated in their methods.