Picture this: you’re going about your day, eagerly anticipating the arrival of a long-awaited package. Suddenly, your phone buzzes with a message from “UPS.” Excitement fills the air as you open it, expecting news about your eagerly anticipated delivery. Much to your dismay, the message claims that there is an issue delivering your package. It urges you to click a link to resolve the problem promptly. The thought of further delays pushes you to take action. After all, it appears to be from UPS, right? Unfortunately, this is just one of many ways text message scams are used to manipulate our trust and compromise our security. 

Text message scams, or smishing (a combination of “SMS” and “phishing”), refers to the fraudulent practice of tricking individuals into revealing sensitive information—such as passwords or credit card details. These messages often contain urgent or enticing information designed to evoke an immediate response. They may request the recipient to click on a malicious link, provide personal information or even call a specific number.

Let’s take a look at 5 of the most common text message scams and how you can protect yourself.

1. Missed Delivery Text Messages

With the popularity of online shopping, scammers are well aware of the perfect opportunity presented by those of us eagerly awaiting our packages. The excitement and anticipation make us more susceptible to manipulation, as the desire to resolve any potential issues quickly outweighs caution. These con artists capitalize on this vulnerability by crafting convincing messages that exploit the trust placed in reputable delivery services—like UPS, FedEx or USPS.

These scammers craft cunning text messages that claim your package couldn’t be delivered due to an incomplete address, unpaid customs fees or an incorrect shipping label. The messages often include a link or a phone number to resolve the issue or provide additional information.

However, these links or phone numbers are malicious and lead to fake websites or fraudulent call centers operated by the smishers. If you click on the link or contact the provided number, you might be prompted to enter personal information—such as their name, address, credit card details or even social security number. This information is then used for identity theft, financial fraud or other malicious purposes.

Reminder: Legitimate delivery services typically do not communicate important delivery or tracking information exclusively through text messages. If you receive such a message, it’s crucial to exercise caution. Instead of clicking on any links or providing personal information, contact the delivery service directly using their official contact information to verify the status of your package.

2. Locked Bank Account Text Messages

Imagine getting an urgent text message from your bank, stating that your account is compromised or locked due to suspicious activity. Panic sets in as you read the alarming message that urges you to take immediate action in order to avoid further consequences.

The con artists behind these scams manipulate emotions, leveraging fear and a sense of urgency to override rational thinking. The message often directs you to click on a link or call a phone number to resolve the alleged issue.

However, clicking on the provided link or contacting the given number may lead you down a path of deception, where your personal and financial information becomes vulnerable to exploitation. The smishers may request sensitive details like your account credentials, social security number or even ask you to authenticate transactions by providing one-time passcodes or PINs.

Reminder: Legitimate banks and financial institutions do not request sensitive information or ask you to verify your account through text messages alone. They typically have robust security measures in place, utilizing secure channels for communication—such as their official banking apps or secure online portals.

3. “Is This You?” Text Messages

Imagine receiving a text message out of the blue, accompanied by a seemingly innocent photo or video thumbnail, and a tantalizing question that piques your interest: “Is this you?”

Your immediate reaction is a mix of intrigue, curiosity and a dash of self-doubt. You may find yourself contemplating whether someone has captured an embarrassing moment or a compromising image of you. In a moment of vulnerability, you may be tempted to click on the provided link to unveil the truth.

However, clicking that seemingly harmless link can expose you to a myriad of dangers. The smishers behind these scams manipulate human psychology and exploit our desire for self-assurance. Once you click the link, you may inadvertently grant access to your device, personal information or even enable the installation of malware that can compromise your privacy and security.

Reminder: The smishers behind “Is This You?” messages thrive on exploiting your emotions and leveraging your desire for validation or self-assurance. By questioning the legitimacy of unexpected messages, and resisting the urge to click without proper verification, you can protect your identity, personal information, and digital well-being from these manipulative schemes.

4. Subscription Payment Issue Text Messages

Texts claiming that your payment for subscription services didn’t go through have become an increasingly prevalent smishing tactic, targeting unsuspecting individuals who are accustomed to managing their subscriptions electronically.

These deceptive texts often mimic popular subscription services—such as streaming platforms, music apps or online publications. They notify recipients that their recent payment for a subscription has failed or encountered an issue, creating a sense of urgency and concern. To rectify the situation, the scammers prompt the recipient to click on a provided link or call a specific number to update their payment information. 

However, clicking on the link may lead to a fraudulent website designed to collect sensitive personal and financial details, or the provided number may connect to a scammer posing as customer support, aiming to extract sensitive information over the phone.

Reminder: Legitimate service providers prioritize the security of your information and typically have established protocols for handling payment issues. Always verify information independently and refrain from sharing sensitive details without proper verification

5. Fake 2FA Verification Text Messages

Two-factor authentication (2FA) has become an integral tool for enhancing the security of our digital accounts. However, scammers have found ways to exploit this security measure through deceptive 2FA scam messages. These messages mimic legitimate 2FA requests, aiming to trick individuals into divulging their login credentials and other sensitive information.

These fraudulent messages claim an urgent need for 2FA verification or account confirmation. The message may appear authentic, resembling legitimate service providers or online platforms. To add credibility, the scammers may even include a warning that failure to complete the 2FA process will result in account suspension or limited access.

To perpetrate their deception, scammers often provide a link or a phone number, instructing the recipient to enter or provide their 2FA code, username, password or other sensitive details. Falling into this trap can grant scammers unauthorized access to your accounts, leaving your personal information and digital assets vulnerable to exploitation.

Reminder: The purpose of 2FA is to enhance your security, and legitimate companies have implemented this measure with your protection in mind. By staying vigilant and understanding that legitimate companies never ask for your 2FA code, you can effectively guard your authentication process and ensure the safety of your online accounts. 

Summary

From missed delivery text message scams to locked bank account alerts, “Is this you?” messages, subscription payment issues and fake 2FA verification requests, the smishing tactics employed by scammers are varied and cunning. It is crucial to remember that legitimate companies and service providers will never ask for your 2FA code, sensitive account information or personal details through text messages alone. 

If you receive a suspicious text message of any kind, forward it to 7726 and then delete it.

By being vigilant and questioning the legitimacy of unexpected messages, you can protect yourself from these text message scams. Protecting yourself from smishing scams requires a proactive mindset, skepticism and a commitment to digital security. 

sponsored by: