x
Breaking News
More () »

What is 'smishing'? Expert offers safety tips amid explosion in text-based scams

Smishing attempts (SMS phishing) have now overtaken scam calls. Here's why they aren't going away any time soon.

MINNEAPOLIS — If you've started getting more and more suspicious text messages about bogus deliveries, giveaways, or otherwise urging you to click on a link, you're far from alone.

Wireless carriers, industry experts and the Federal Trade Commission have all been tracking a rise in scam texts. 

Mark Lanterman, Chief Technology Officer of Computer Forensic Services, says so-called SMS phishing scams have been annoying wireless customers for year, though their annoying nickname is more recent.

Kent Erdahl: "Smishing stands for SMS phishing? Is that a word that you actually use?"

Mark Lanterman: "Unfortunately, yes. It is a word and, yes, I have used it. I'm getting a lot of phone calls asking me about this."

Mark Lanterman says the smishing trend really started blowing up phones during the pandemic. According to Federal Trade Commission, $86 million dollars were reported lost in the U.S. in 2020 due to scam texts. According to RoboKiller, an app that works to block spam calls and texts, that's just the tip of the iceberg. RoboKiller's 2021 scam report found a 58% jump in scam texts from 2020 to 2021. The company says scam texts surpassed scam calls by more than 15 billion last year and it estimates financial losses in the billions of dollars - not millions - because most go unreported to the FTC.

Lanterman says that is also likely the biggest reason why so many people are seeing so many more of the bogus texts coming in.

"Certain types of attacks occur in waves," he said. "In the hacker community, someone will say, this is what I'm doing and it's working, so then everyone else tries it too."

If you want it to stop, the Federal Trade Commission has several suggestions. You can file a formal federal complaint online. If that sounds like too much work, just forward the scam message to 7726 (which spells SPAM) to report it to your wireless provider. Easiest of all, just click on the number, and look for an option to block the caller.

"It won't eliminate it completely," Lanterman said, acknowledging that new numbers can pop up. "But it will be less of a headache for you."

In recent days, reports of a new twist are complicating that block and repeat strategy. Verizon and other wireless carriers have confirmed a surge in smishing attempts coming from people's own cell phone numbers.

"That can be confusing and make it harder to use spam blocking apps," Laterman said. "All that is, is a way that hackers try to get you to click on something or trust something, because you're not going to block your own number. If I were to send a message to you, as you, I know I'm going to get your attention, and now my message just has to trick you into doing something for me."

If you do get tricked into offering sensitive information, experts say you should contact your wireless provider and go to identitytheft.gov to begin filing a report.

Erdahl: "What if you don't give them your information, but you do take the bait a bit? Can you get in trouble just by clicking a link?"

Lanterman: "Normally what we see is you have to interact a little bit more with that click on a cell phone. Clicking on a link on a computer, that's a different problem. Clicking on a link on a text message or an email on your phone, you tend to not have the same level of risk."

Regardless, Lanterman says it's best to avoid any message and link until you can verify what you're clicking on.

"I hate to quote a corny TV show, but we are the weakest link," he said. "It's easier for me to hack a person, to trick you into giving me what I want, than it is for me to hack your technology."

Related

More U.S. companies courted to try four-day work week

Before You Leave, Check This Out