How to Identify and Avoid SMS Scams [Infographic]

How to Avoid SMS Scams (Banner)

Unwanted messages, calls, emails, and solicitations bombard people on a regular basis. Those who know better simply hit delete or ignore them, quickly identifying that these are scams. However, not everyone is as well-informed when it comes to identifying such schemes, especially in times of crisis like the COVID-19 pandemic.

Many scammers take advantage of crises or times of fear to prey on the vulnerable for monetary purposes. Their tactics include phishing emails and sending attachments (claiming to provide more information about the virus) to deliver malware. Data shows that in the UK, there have been reports of more than 500 COVID-19-related scams and over 2,000 phishing attempts to exploit fears, with a total loss of £1.6 million.

Email and social media networks are known channels where users should keep watch of fraudsters, but there’s another important channel that people should look out for scams: SMS.

Roughly 5 billion people around the world can send and receive SMS messages, which makes them a great channel for potential scammers. Let’s have a look at more interesting facts about SMS messaging:

  • Text messages have a 98% open rate.
  • 10% of SMS marketing messages are spam as opposed to roughly 50% of email messages.
  • 31% of mobile users have received an SMS message from unknown senders asking them to click on a suspicious link. 
  • Around 92% of text spam messages fall under the scam/fraud category. 

As online shopping and mobile banking become more prevalent, smartphones are making it more convenient to connect and perform transactions online. That said, the more connected we are, the easier it is for us to become targets for fraudsters.  

Below is a quick infographic to help you spot common SMS scams and avoid falling into their traps.

How to Avoid SMS Scams

Identifying Common Types of SMS Scams 

Spam SMS

In India alone, a survey shows that about 96% of Indians receive unsolicited text messages daily, and 70% of them still receive spam messages despite registering on the “do not disturb” (DND) list. Spam messages are usually harmless promotional material, but some are more malicious and aim to acquire the target recipient’s name, address, and even bank details.

Spam SMS is glaringly obvious sometimes, yet many people still fall for it. The best you can do is not show any interest in what the suspicious message requests for or promotes. 

Phishing SMS

Data shows that there has been a significant spike in SMS phishing in 2018, mainly targeting the financial sector. Mobile-specific phishing tools imitate login screens of legitimate mobile apps, making it more difficult to track and respond to compared to traditional phishing attacks. 

Phishing for personal details over SMS is common via hyperlinks. Watch out for the domain URL as it can look similar to the company’s actual domain but with subtle differences. For instance, a phishing domain might use something like “supportatapple.com,” whereas the official Apple support domain is “support.apple.com.”

SMS Originator Spoofing

SMS originator is also known in the industry as SMS Sender ID or sender. The spoofing happens when the malicious hacker alters their sender ID and uses the display name or number of the identity they’re trying to imitate. This tricks the recipient into trusting the sender and into providing the information they’re asking for. 

Spoofing scams aren’t easy to spot right away since they pose as a reputable brand or company. One way to avoid them is to confirm the message’s validity through the brand directly on another channel, whether via social media networks or email. If you suspect anything fishy, always double check by verifying.

SMS Malware Attack

In 2018, there was a jump in activity of a backdoor malware app targeting Android devices. It tricked mobile users into installing the app by sending SMS messages redirecting to a third-party download site, exposing the devices to attacks. 

Malware attacks give cybercriminals access to just about anything on your phone. You can’t vaccinate your smartphone, but you can steer clear of malware attacks by being wary of what not to click. You can also install an antivirus app on your smartphone to protect it against viruses or various types of malware. 

Learn to Recognize These Common SMS Scam Tactics

SMS scams are on the rise as more people become knowledgeable enough to spot traditional email phishing schemes and other fraudulent messages. These messages are often sent from an automated dialing system aiming at a specific area code or region. Meanwhile, the mobile numbers are obtained by stealing customer information from banks, companies, or elsewhere on the internet

SMS/text message fraud is inevitable in a mobile-first world. But the growing threat of text messaging fraud brings greater opportunity for online criminal activity. The most common fraud schemes used are family emergency texts to shake up the victims, refund scams, account reactivation text, random prize or giveaway scams with a catch, and delivery scams.

Many scammers masquerade as a business or as a familiar brand to provide a sense of legitimacy and they usually use persuasion techniques to drive their targets to bite. 

Tactics like these work because they attack a user’s pain points and vulnerabilities, motivating them to act against their better judgement. Furthermore, text messaging doesn’t have a stringent filter software like emails do, making it harder to detect fraud. 

Quick Tips to Avoid SMS Scams

  • Don’t click on any unknown messages with suspicious links.
  • Do report SMS scam messages or file a complaint with your carrier or raise the issue to the brand or company being imitated so they can alert their customers.
  • Don’t respond or engage with suspicious messages, especially those that sound too good to be true.
  • Do update the passwords you use online, specifically your online banking passwords. This is important if you think you may have already fallen victim to a scam. Resetting your passwords will make it difficult for the hacker to continue accessing your account.
  • Don’t give away your personal information willy-nilly. Reputable brands generally don’t ask for your personal information out of nowhere. You won’t fall victim to SMS scams if you ignore the message or click on a link.
  • Do conduct a quick search to check if the number appears on spam-check or phone number lookup sites. Always verify the domain of legitimate websites.
  • Don’t indulge in messages that urge a quick response. Contact the bank or business associated with them to check if it is a legitimate request.
  • Do install a trusted anti-virus app on your phone to protect it against Trojans, spyware, or viruses, and download only from the official app store. 

Don’t Fall Victim to SMS Scams

There can be a lot of anxiety about receiving malware, spams, and getting scammed through SMS messages. Scammers only have one goal in mind: to steal your data for their own benefit. It’s important to be more dubious of any SMS messages you receive that aren’t from the people or brands that you trust. There’s no harm in being diligent and careful to keep yourself from doing something you’ll regret. 

To avoid SMS scams, mobile users need to be vigilant when receiving unsolicited messages from unknown sources. Verify the authenticity of the message by contacting the sender directly through a trusted source or by conducting an online search. By staying cautious and taking proactive measures, mobile users can protect themselves from SMS scams and safeguard their personal information.

When all’s said and done, keep in mind that scams won’t ever stop coming. You can get rid of a few, but more schemes will pop up again in the future as motivated hackers become more sophisticated in their methods. 

 

Are you a business or brand looking for a trustworthy SMS marketing tool? Semaphore offers reputable SMS solutions that help businesses provide a better customer experience for their audience.

An Exciting Update About Semaphore

Dear Semaphore Customers

We are thrilled to announce that Semaphore has been acquired and is now being operated by Sombra Inc, a leading provider of internet services and software development for small businesses. While this may seem like a big change, you are still in great hands! The same people who originally developed Semaphore are part of the new organization!

What does this mean for you?

On a day-to-day basis, it’s business as usual. Your SMS messages will continue to be delivered uninterrupted. Going forward there are many new features planned for next year including support for multiple users and accounts, one-stop OTP solutions, scheduled blasts and much more.

Will there be any downtime?

The Semaphore service should remain operational as most of the transition has already taken place. There may be a brief outage for email as we transfer the semaphore.co mail domain to another service but this will be scheduled during a low period and we will provide advance notice and alternative emails to use

What about OR requests?

All OR requests from December 16, 2019 onwards will come from Sombra, Inc.
Any outstanding requests will be completed this week. ORs for transactions before December 16, 2019 will still come from Kickstart.

What does this mean for us?

Semaphore now has new resources and capabilities to continue driving value for you and your customers. We are committed to providing the same high quality service you’re used to as well as providing a fresh approach to new features, support and development going forward.

Our story continues…

Semaphore started out 6 years ago as a quick and easy way for businesses in the Philippines to connect with their customers via SMS. It was then that helping small businesses thrive in today’s digital economy became our mission. As we move forward in our next chapter our mission is the same and we now have more resources, tools and staff to support you as we continue to grow together.

I want to take this opportunity to thank each and every one customer for putting your trust in us over the last 6 years and bringing us to where we are today. We come to work everyday for you. This commitment is stronger than ever during this exciting time!

Please feel free to reach out if you have any comments, questions or concerns.

Sincerely,

Rex and the Semaphore team!

Happy New Year and a big thank you from Semaphore!

Thanks to you, our customers, 2017 was a record breaking year for Semaphore and 2018 is shaping up to be even bigger! As you might recall, we successfully launched our new and improved platform early last year.

As a result of our growth, late last year we experienced a few growing pains involving messages being delayed by minutes and sometimes even hours. To start off the year we’ve been working hard to make the platform as fast and reliable as possible. To achieve those goals we’ve made a few key changes to the way messages are handled as follows:

Single Messages 
Single messages are now processed before bulk messages, meaning that if you send a message to one recipient, that message is prioritized over a message being sent to multiple recipients in a single API request. This should solve the issue where bulk marketing messages end up clogging the queues and delaying messages.

Priority Messages
We’ve also implemented priority messages and corresponding API endpoint which allows your message to skip to the front of the line on both the “bulk” and “single” message queues. To prevent abuse, this “priority messages” cost 2 credits (instead of 1 credit) per 160 character message.

To use this method just change the API endpoint from /api/v4/messages to /api/v4/priority. Priority messages have a guaranteed SLA of 10 minutes. The priority endpoint is not rate limited. This is good for time sensitive messages like one-time passwords or two factor authentication.

API Connection Limits
Starting April 1, 2018 all non-priority API requests will be limited to 30 requests per minute. If your system is sending the same message to multiple numbers, please make a single request to /api/v4/messages and specify multiple numbers (comma separated) in the ‘recipient’ field.

These features are currently in beta so let us know if you have any problems–we appreciate your feedback! Our documentation has been updated and can be found at https://semaphore.co/docs. Thanks again for helping us to be the best way to send SMS in the Philippines and please do let us know if there’s anything else we can do to help either through the chat widget on our websites, by emailing support@semaphore.co or through our Facebook page.

As always, thanks for choosing Semaphore!
Your Semaphore Team