Frauds find fertile ground by sending cellphone texts

Select an option below to continue reading this premium story.

Already a Honolulu Star-Advertiser subscriber? Log in now to continue reading.

Get unlimited access

From as low as $12.95 /mo.

Subscribe Now

By now everyone knows what a phishing email is — one that attempts to lure you to a fraudulent website under the pretense of winning a prize, or claims it can help fix a problem with your online account. But not all phishing attacks come via email. In fact, there has been a dramatic rise in what is being dubbed as "smishing," or using SMS (Short Message Service) text messaging features on a cellphone to deliver phishing-type messages.

For instance, my colleague recently received this textbook example of a smishing scam on her phone: "Your entry last month has WON! Go to TargetContests.com and enter your winning code 53882 to claim your FREE $1,000 Target gift card within 24hrs."

Cellphones are becoming hot targets for identity thieves and other scammers because people are more unsuspecting and typically don’t hesitate to click on a link someone sends them in a text message. While most major Web browsers and computers have some level of anti-phishing and anti-virus protections built in, cellphones rarely have these safeguards. And criminals are aware of this, which is why many are shifting their attention to mobile devices to scam consumers.

So, how do you spot a smish? It’s actually pretty easy if you know what to look for. First, recognize that reputable companies don’t generally text contest winners, so it’s a big red flag if you get something along the lines of the gift card prize in the example above. Also, look for the same indicators as normal phishing emails — sloppy language, spelling errors, excessive exclamation points and other signs of unprofessional writing.

The following are some general guidelines to consider if you receive a smishing message on your phone:

» Retailers don’t randomly hand out gift cards and other prizes, especially when you haven’t signed up for anything. As always, if it seems too good to be true, it probably is.

Don't miss out on what's happening!

Stay in touch with top news, as it happens, conveniently in your email inbox. It's FREE!

By clicking to sign up, you agree to Star-Advertiser's and Google's Terms of Service and Privacy Policy. This form is protected by reCAPTCHA.

» Don’t reply. If the message includes a link, don’t click on it. If it contains a phone number, don’t call it. You’ll just be flagging yourself as a potential target for future attacks.

» Never send personal information, such as your Social Security number or bank account information, from your mobile device.

» Be vigilant and regularly check your credit report for signs of identity theft, and review your bank and credit card accounts for signs of fraud.

» Report all unwanted texts to the FBI by forwarding them to 7726 (which spells SPAM on a phone’s keypad). Once you do, you’ll get an automated message from your wireless carrier asking for the phone number that sent you the message.

Finally, if you apply the same anti-virus tools and common sense to operate your mobile device as you do with your computer, you will reduce your chances of being a victim of a smishing scam.

———

Hawaiian Telcom Information Security Director Beau Monday is a local cybersecurity expert. Reach him at Beau.Monday@hawaiiantel.com.