Top 10 Text Messages Scams and How to Stay Secure
In This Article
SIM Swap Protection
"11.94 billion spam texts were sent in May 2022" (Textedly)
You might be tempted to click on the link for more information if you're receiving random messages from "AT&T" or "FedEx" notifications for an incomplete delivery. Please don't do it. These messages may appear genuine, especially if you have service with the provider sending them to you. This is a smishing trap, and you might fall prey to it.
"Less than 35% of the population knows what smishing is." (Incognia)
Spam text messages (also known as phishing or "smishing") deceive consumers into giving away personal information to individuals posing as a familiar company, organization, or family member. Studying spam text message samples can help protect against these fraudulent tactics. Scam text messages are used by criminals to obtain usernames and passwords, social security numbers, credit card details, and PINs to perpetrate fraud or identity theft.
How Do Text Message Scams Work?
Scammers use a variety of text message scams. They all follow a similar pattern, though:
- You receive an unknown or "spoofed" phone number text message. Technology makes it appear like it is from someone you know (such as the IRS, Apple, or Amazon).
- The message may claim that your bank account has been closed or that you've won a gift, creating a sense of urgency for you to act immediately.
- Next, the scammer will try to get you to do one of three things: respond, click on a link, or call a number.
Text scammers have become experts in human psychology in recent years. They know precisely what to say to persuade you to act without thinking. What happens, though, when you get caught up in their scams?
When you receive a text message from an unknown number, your first instinct is to ignore it. But what if the message looks and feels like it could be legitimate? That is where text scammers come in. They're experts at crafting messages that seem real but are designed to trick you into giving them your personal information or money.
If you respond to a text scammer, they will typically try to get you to provide personal information. They may also ask you to click on a link that takes you to a fake website where you're asked to enter your login credentials. Or they may request payment via wire transfer or gift card.
Are Text Message Scams Really Dangerous?
That all depends on the scam — and how you respond. The most common objectives of text scammers are:
- Getting you to click on a link that downloads malware onto your phone. Hackers can monitor, steal your passwords and other personal information, or lock you out and seek ransom after infecting you.
- Sends you to fake websites that steal your personal information. Scammers may ask you to "verify" personal information (such as your SSN or financial data) or target you with other social engineering techniques once you are on the phone.
How Does Smishing Spread?
These texts may be delivered using either text messages or non-SMS messaging applications. Due to their deceptive nature, SMS phishing frauds tend to spread rapidly and without comment. Email fraud is generally well recognized regarding its threats and how people respond. You've probably been taught that if an email says, "Hi—check out this link," you should be wary. The absence of a genuine personal message is usually a red flag for email spam scams.
People become less cautious when they are on their phones. Many people believe that their cell phones are more secure than computers. However, smartphone security has boundaries and can sometimes not defend against smishing. Smishing may target any phone with the ability to send text messages.
Types of Smishing
There are many forms of smishing attacks, each with its techniques. How they are delivered may vary considerably. Scammers can utilize many identities to keep these text messages updated. Unfortunately, due to the constant evolution of these scams, there is no way to list down all types of smishing. Using a few well-known scam foundations, we can show you certain traits that will help you identify a smishing attack before it happens.
Financial Services Smishing
Text scams are often disguised as alerts from banks and other financial institutions. Because nearly everyone uses debit and credit card services, they are vulnerable to generic and institution-specific notifications. Investments and loans are significant in this sector. A scammer may use a bank or other financial institution for ulterior motives by posing as a bank or other financial institution. Such scams may include an immediate demand to unlock your account, confirmation of unusual account activity, and more.
Such scams are inspired by governmental healthcare and financial organizations' aid programs for coping with the COVID-19 pandemic. These schemes have been used to induce health and money concerns in victims who intend to defraud others. The following are signs that indicate a potential COVID-19 scam:
- Transactions that request sensitive information
- Tax-based financial assistance
- Public health safety alerts
- Demands to fill out the U.S. Census form
Invoice or Order Confirmation Smishing
Such a type of smishing is the act of confirming a recent purchase to obtain money fraudulently. To motivate you to take some action, a link may be provided for a follow-up creating anxiety about unauthorized payments. This scam might be evidenced by an abundance of order confirmation texts and the absence of a company name.
Gift smishing is a term used to describe fake offers for free items or services, typically from a reputable merchant or another firm. This tactic includes free contests, shopping incentives, and various other freebies. When an attacker promises you "free," it is a logic override to get you to act faster. Limited-time specials or unique choices for a gift card are indicators of this attack.
Customer Support Smishing
Scammers pretend to be trusted business support persons to assist you in solving a problem. Google, Apple, and Amazon are good disguises for hackers in this scenario because of their high technology usage and e-commerce.
Typically, an attacker will inform you that your account is in error and offer solutions to fix it. A scam login page may be all it takes, while more complex strategies might require you to provide a genuine account recovery code for resetting your password. Some warning indicators of a customer support-based smishing scam are billing or account access issues, strange activities, or resolving past customer complaints.
Top 10 Text Message Scams
The Fake Cash App Scam
This scam has become increasingly popular in recent years as more and more people use Cash App for peer-to-peer payments. You receive a text from someone claiming to be from Cash App, asking you to click on a link to verify your account or update your information. But the link takes you to a fake website that looks almost identical to the Cash App site. The fake site then prompts you to enter your login information, which the scammer can use to gain access to your account. If you get a text message like this, do not click on the link! Instead, go directly to the Cash App website or app and update your information from there.
The "Can You Hear Me?" Scam
This relatively new scam has been making the rounds lately. You receive a phone call from someone who asks, "Can you hear me?" If you respond with anything other than "no," they will record your response and use it to sign you up for unwanted services or make unauthorized charges on your credit card.
To avoid this scam, hang up if you receive a call. Do not respond in any way.
The Free Gift Card Scam
You receive an offer for a gift card from a major retailer, often for just completing a short survey. But the survey is a phishing scam designed to collect your personal information. And even if you complete the survey and get your "free" gift card, it will likely be worthless or have minimal value. If you're ever offered a free gift card, proceed with caution. Do some research to see if the offer is legitimate before you provide any information.
Two-factor authentication (2FA) Scam
2FA scam messages are sent by scammers to trick victims into giving away their personal and financial information. The texts claim to be from a well-known company or service, such as Google, Apple, or PayPal, and state that the victim's account has been compromised. They then direct the victim to a fake website where they are prompted to enter their login credentials and other sensitive information.
The Fake Job Offer Scam
You come across a job listing that seems too good to be true. It's for your dream job, and it offers an excellent salary. But when you apply, you're asked to provide sensitive personal information or even pay a fee to secure the position. Of course, it is a scam, and you will never get the job or see any of your money again. Be very careful when applying for jobs online. Research the company and its position to ensure it's legitimate before providing personal information.
The Fake Charity Scam
You receive a call or email from someone claiming to represent a charity and asking for donations. They may even use high-pressure tactics to get you to donate on the spot. But this is usually a scam, and your money will never actually go to the intended charity. If you're interested in donating to a charity, do your research first. Please ensure the charity is legitimate and that your donation will actually go to them.
The Lottery Scam
You receive an email or letter informing you that you've won a large sum of money in a lottery or sweepstakes. But collecting your winnings requires you to pay a fee or provide sensitive personal information. Of course, this is all a scam, and you will never see any of the promised money. Be very sceptical of emails or letters claiming you've won a lottery or sweepstakes. Remember, if you don't buy a ticket, you can't win!
The Tech Support Scam
You receive a pop-up message on your mobile claiming that there is a problem with your system and that you need to call tech support for help. But when you call the number provided, you're talking to scammers who will try to sell you unnecessary services or even gain access to your mobile to steal your personal information. Never call the number provided in a pop-up message, even if it looks genuine. Contact a trusted tech support company if you're concerned about your mobile's security.
The Grandparent Scam
You receive a message from someone claiming to be your grandchild. They say they're in some trouble and need money right away. But this is a scammer trying to trick you into sending them money. If you receive a message like this, do not send any money without verifying that it's your grandchild first. Ask them questions that only they would know the answer to, like their favorite childhood memory. These are just a few of the most common text message scams. Be sure to stay alert and never provide personal information or money to someone you don't know.
If you're shopping online, you might come across a scammer who offers a refund if you pay them first. This is called a refund scam, and it's essential to be aware of it, so you don't become a victim. The scammer will contact you through email or social media and offer to refund your purchase if you pay them first. They might say they're from the company you bought from or pose as a third-party service. If you agree to pay the scammer, they will ask for your bank account or credit card number. Once they have your information, they will use it to make unauthorized charges on your account.
How To Stay Secure?
It's frightening to consider the possibility of clicking the link or saying "STOP" by accident. One slip-up may be enough for criminals to steal your data. Don't worry, though. We'll explain what you can do right now to keep your personal information safe.
1. Watch out for text messages that offer gifts or prizes. These are often scams meant to collect your personal information. Be especially careful with messages that contain links or attachments.
2. Be wary of text messages that claim you've won a contest or lottery that you don't remember entering. These are also likely scams. Please don't reply to these messages, and don't click on any links in them.
3. Ignore text messages that request personal information, such as your social security number or bank account number. No real organization will ever request this information via text message. If you receive a text message, do not reply and instead contact the organization directly to confirm.
4. Don't click on links in text messages unless you're sure they're safe. Many scammers include links to malicious websites in their texts. If you click on one of these links, you could end up downloading a virus or giving the scammer access to your personal information. If you're unsure whether a link is safe, you can visit a website like VirusTotal or URLScan.io to check it.
5. Be very careful of text messages that claim to be from a government agency. If you receive a text message that looks like it's from a government agency, do not reply to it or click on any links. Instead, contact the agency directly to verify the message. Some common examples of government imposter scams include:
- The IRS scam
- The Social Security Administration scam
- The Census Bureau scam
- The FBI scam
Contact your local law enforcement agency if you think you may have been a victim of a government imposter scam. You can also report the scam to the Federal Trade Commission.
6. Ignore text messages that offer free products or services in exchange for completing a survey. These surveys are usually a scam and a way for the sender to collect your personal information. Surveys that offer free products or services in exchange for your personal information are most likely a scam. If you receive one of these messages, it's best to ignore and delete it.
Bonus Fact: Telecom companies know this problem and are working on fixing it.
Key Take Away
Remember that knowledge is the best protection against fraud. Don't be taken in by shady text message scams. Instead, keep yourself secure by taking your time, avoiding suspicious links, and never giving out personal or sensitive information to individuals you don't know. Check out this government-sponsored resource for a complete list of the most prevalent scams and swindles in the United States.
SIM Swap Protection
Get our SAFE plan for guaranteed SIM swap protection.
SIM Swap Protection
Get our SAFE plan for guaranteed SIM swap protection.