Received a text from your bank recently? A new ‘smishing’ scam is convincing people to hand over their bank details by sending text messages disguised as official alerts from your bank.
Despite efforts by banks and other brands to make their systems more secure, this scam is ruthlessly simple.
The text will come through claiming to be from your bank’s fraud prevention team. It will claim that you’ve used your debit card in an imaginary purchase and will ask you to call a number or click on a link provided and prove that the purchase was made by you.
If you call the number you might even speak to a real human being on the other end of a phone who will then ask for your bank details.
It will seem genuine, and for many, it was enough to prompt them to hand over almost all their bank details.
As one victim explained to This Morning, the scam was so convincing that were able to steal over £70,000.
What is smishing and how does it work?
Smishing is essentially a variation of phishing, a common scam employed by cybercriminals to trick you into handing over sensitive or personal information.
In one instance it involved an email sending a fake iTunes receipt, which then asked you to enter your bank details if you clicked on the link within the email.
In the case of smishing, this is where criminals have managed to get hold of your number and will send you a text message disguised as coming either from your bank or from a reputable company.
Their complexity can vary wildly from being simply standalone texts to actually being included in the message chain containing texts from a previously reputable conversation you’d had.
How can you protect yourself from smishing?
Speaking to HuffPost UK, Chief Scientist at McAfee Raj Samani gave us some top tips on how to avoid being caught out by this particularly nasty piece of scamming.
Double check contact details: Just as you should never click on links in emails, you should always double check the telephone numbers provided in text messages that encourage you to call your bank. Look up the contact number for your bank on its website and see if it matches. If it doesn’t, contact your bank via the number on their site and let them know about the texts you received.
Don’t be afraid to call your bank directly, they are used to it: By giving a call to your bank to check before taking action, you will be able to get the best advice from them on how to ensure your specific account doesn’t get compromised.
Beware of (faux) big brands: Smishing fraudsters tend to mask themselves as well-known household names. If they are promoting a special offer or a sale, don’t click on link in the text message. Check out the online website first as they often feature them on there too. With special offers, if it seems to too good to be true it often is.
Don’t click on links in a panic: Smishing attacks aim to scare people into clicking on links, often threatening that you will be charged for a subscription or service if you do not cancel the payment by clicking on the link included. But don’t panic click. Research the service or retailer in question and either get in touch with them directly to query it or contact your bank to block any payments.
Best Gadgets You Can Buy In 2017
— This feed and its contents are the property of The Huffington Post UK, and use is subject to our terms. It may be used for personal consumption, but may not be distributed on a website.