Published August 1, 2016.
Phishy texts put your data in danger.
What harm could come from a text? The answer may surprise you.
Scammers never seem to give up. In the old days, they tried to reach their victims by mail. Then, they tried phone calls.
Those tools are still used, but in recent years they’ve added text messages and emails as faster and more anonymous methods to separate you from your money.
Breaking down a phishy text.
Here’s an example of a recent text. The phone number was similar to one that was familiar to the recipient – off by just a few digits.
The threatening tone of the text is intended to push the recipient into responding soon. That’s a common tactic in phishing – catching the user off-guard and getting them to act before they’ve considered what the message is really about.
What to do if you get a phishing text.
But while the impulse is to act quickly, the situation calls for a careful response, regardless of the technology used to deliver the message. Here are a few things to consider:
- Do you know the sender?
- Were you expecting a message like this?
- Is this an appropriate way for a business to get ahold of you regarding an account?
- Is there a legitimate reason they would need you to respond so quickly?
As you answer these questions, you’re likely to become less and less confident about the legitimacy of a message. For instance, most legitimate companies would not use a text message to let you know there’s something wrong with an account. And the first notice you get about an account situation will likely not be threatening.
Luckily, in the real-world example provided above, the recipient went through the list of questions, and deleted the message. He also notified his family members to do the same, in case it showed up on one their phones or computers.
Good thing, too!
A common tactic in phishing – catching the user off-guard and getting them to act before they’ve considered what the message is really about.
The danger of a text
A later investigation from a specially equipped computer showed that the link in the message led to a website that asked the recipient to enter Apple ID account information. While the site looked legitimate, it was actually a malicious phishing site that could be used to infect computers and mobile devices with malware that can steal data, passwords, and email addresses, and shut down anti-virus programs. Just clicking on the link could have unleashed that havoc on a recipient’s phone!
The computers and mobile devices you use are probably equipped with security software. That’s a great start! Yet, things change so quickly in the world of phishing and malware that it takes more than security tools to keep you safe. It takes caution on your part, to determine whether the original come-on is legitimate, and to avoid responding if anything appears amiss.
The lesson: Don’t be rushed, and don’t respond to any messages if you don’t know the source.