You get a text out of the blue suggesting you’ve spent money, and here’s a number to call it. SMS scams are back, and they’re keen for your cash.
We’re no stranger to scams these days and they’re coming from everywhere. While Telstra is gradually weeding them out of its phone networks, you can still get calls from scammers and robotic systems threatening you into handing over money and details.
Phone calls are just one of the vectors scammers come in on, with emails another obvious one. Who can forget about the seemingly endless email scams, forcing you to check the send address carefully to find out whether you’ve been sent a real email or a fake one?
But one of the more common approaches isn’t from a call or email, but rather SMS, and it takes on a similar logic to your email. With an SMS, scammers can more easily pretend they’re from a company because the rules for writing what company you’re from are a little more flexible when you send text messages from an online messaging service.
In email scams, the scammer can’t just use someone else’s email address, so they can’t be from paypal.com or auspost.com. Rather, scammers typically try to get a similar domain name for their email — something like “payepel” for PayPal or “AustraliaPostageNet” for AusPost — or choose something outlandish and hope you don’t pay attention.
With SMS scams, however, they don’t need to be quite so devious.
It’s far easier to fake a brand name in an SMS, with only a handful of companies limiting the names of major places, plus you’re less likely to check on an SMS. And if the scammer hides their username as “info”, it might just fool you into clicking.
What is smishing?
The new term for phishing over SMS, “smishing” is basically being sent a link on your phone’s text messaging service designed to have you think it’s real.
It’s a message you’re probably all too familiar with, as scammers do what they can to get you to hand over details thinking something is real when it’s anything but.
Smishing scams ramp up
Over the past couple of years, we’ve seen these really heat up, and in recent weeks, it seems as though scammers are pushing back into them, with one Pickr reader sending the following in:
Apparently, the person who received this has sent $2500 and needs to call this number to dispute it. :O
Except that’s clearly not the case, and between the poor language skills — something commonly associated with scams, though criminals are getting better — and the idea that it appeared out of the blue, it’s pretty easy to work out that this is a scam.
But just in case you did decide to call, what would happen?
“Responding simply confirms that your phone number is active,” said Chris Connell, Managing Director for Kaspersky in the Asia Pacific.
“Unsubscribing can be hard even with legitimate companies; don’t expect a fair deal from people breaking the law,” he told Pickr.
“If you have any doubts, contact your bank directly. It’s unlikely they sent that message, but speaking of contacting the bank, make sure to get that phone number from an official source, such as its website,” he said, suggesting you find your bank’s details from an official location such as its website or a piece of mail sent to you. It’s very likely on the back of your bank card.
“Whatever you do, don’t use any contact details from the suspicious text,” Connell said.
Steering clear of scams
It’s not easy to remove scams entirely out of your life, and some would venture that it might be impossible. While technology companies and telcos are doing what they can to limit the amount of scam messages we all receive, scammers are also likely tryin to heighten their efforts because the amount they can make out of us all can be rather ridiculous.
In June 2021, Australians lost nearly $32 million from scams according to the ACCC’s Scamwatch, and that’s just in Australia. Imagine how big those numbers are for the rest of the world.
As such, scammers may still be out there even if you do what you can to limit the numbers. Security software can help, but education may well be our best defence, helping you to not fall for scammers smishing and phishing attempts in the long run.
