A WARNING has been issued over bogus texts used over the holiday season to hack phones and rob people of cash by pretending to include package tracking links.
Phone users are being told to be on alert for texts from “smishing” scams as attacks rise over the Christmas and New Year period.
1
Smishing (shortened from SMS phishing) is the most popular type of scam used by cyber thieves to steal your personal information.
The texts received will be very real looking and ask for you to extend your car warranty, for example.
Yet the links included will allow hackers access to your phone and all the personal information stored there.
Over Christmas, scammers have launched a holiday text scheme where they send fake links and claim they can be used to track packages.
The texts will be disguised as the US postal service or other common shipping companies.
Yet the deceptive text messages will give out your financial information to attackers if the links are clicked on.
Most read in Tech
“The link in the ‘smishing’ message might take you to a fake site where you’re asked to type sensitive personal information that the cybercriminals can use to steal your online ID,” Heinan Landa, CEO of Optimal Networks, explained to WUSA9.
“These messages tend to show up as urgent security alerts, or ‘you must act now’ language with coupons, redemptions, offers, deals, etc.
“These are usually warning signs of a hacking attempt.
“People are less wary of their phones and many (wrongly) assume their smartphone is better protected than their computer,” he added.
“Others just aren’t paying close attention to what they received because they’re using their smartphone on the go.”
HOLIDAY ROBOTEXT SCHEME
On Thursday, Florida Attorney General Ashley Moody urged residents to be on the lookout for the common robotext scheme.
“With Christmas just days away, tracking last-minute deliveries is becoming increasingly important,” she said.
“Many Floridians are anxiously awaiting the delivery of multiple online purchases, and scammers may capitalize on the glut of deliveries in an effort to steal personal or financial information.
“Beware of text messages instructing recipients to click a link to track a package—it may be linked to malware or a scam designed to steal personal information.”
The AG’s office gave some tips for subtle signs that the text you received may be a scam.
One is that the exact shipping company may not be mentioned in the text or that the link appears to have been sent from a personal cellphone number.
If a text asks for a shipping address, it is also a sign it could be a scam as all companies require a shipping address when physical goods are being purchased for delivery online.
Grammatical errors and spelling mistakes are also a sign.
If you do not recognize a link, the AG’s office urges users to be extra careful and never click on it until they are sure – especially if you don’t know the sender.
NEVER RESPOND TO TEXTS
If you do believe the text you received is a scam, you should immediately block the number.
Never respond to the message as it could potentially put you on the list to receive more robotexts.
Landa advises that Android devices are a prime target for malware but that doesn’t mean that iPhone users are safe.
“Although Apple’s iOS mobile technology has a good reputation for security, no mobile operating system can by itself protect you from phishing-style attacks,” he said.
Users are advised not to store credit card numbers, routing numbers, account numbers, etc. on their smartphones.
FILE A COMPLAINT
The latest holiday scheme comes after text scams skyrocketed with attempts to access child tax credit payments.
The IRS has been warning taxpayers of these scams since July when the $300 tax credit started.
To avoid falling victim to the scams, the IRS recommends keeping watch for “eligibility forms” or unfamiliar links shared via text message.
Never open a link that appears to originate from the Treasury department or secretary of the Treasury, and don’t provide sensitive information via text message, even to a contact you recognize.
If you believe you have been a victim of an attack, you can report it to the Federal Communications Commission.
Or file a complaint with the Internet Crime Complaint Center (IC3) which is managed by the FBI and the Department of Justice.
We pay for your stories!
Do you have a story for The US Sun team?
