Ⓒ Provided by Popular Mechanics |
By Tim Newcomb, Popular Mechanics
Call a scam text what you want—a spam text or even a “smishing attack” (yeah, that’s an SMS play on phishing)—but no matter how you term them, they’re damn annoying, they’re on the rise, and they often come with security pitfalls.
In 2020, spam texts overtook spam calls as the most prevalent form of scamming for the second year in a row. In 2021, a 58 percent increase in scam text messages brought the total number in the United States to 87.8 billion, according to a February 2022 report from RoboKiller, a spam call and text blocker. That’s over 15 billion more scam attempts through text messages than via phone calls.
Designed to get you to invite malware onto your device, give up personal or banking information, or simply spend money on something that isn’t real, the scam text is here to stay unless the government, wireless carriers, and individuals can do enough to fight back.
Read More: 6 Online Tools to Increase Your Internet Security for Free
How Spam Texts Work
Thanks to the clever technology that makes SMS a reality, there’s also an opportunity for “bad actors,” what the Federal Communications Commission (FCC) and others like to term the criminals behind smishing, to unload torrents of texts. Commonly sent from overseas, these automated texts get sent in batches, spoofing local numbers so it appears as though it is someone local to your location. Of course, smishing has gotten sophisticated enough that sometimes the attacks get personalized, and the criminals spoof your own number to make it appear as though your phone is sending you a text (creepy!). Other times, bad actors may spoof trusted numbers from your area.No matter how the text gets spoofed and sent, the entire goal is for you to open the smishing invite and then take some action that benefits the criminals behind it. Whether they’re looking to install malware on your device that can mine information for later use, get you to enter in your address or other personal information they can use later, or offer up passwords that get them into your personal or financial information, they’re trying to steal something from you.
Ongoing Efforts to Reduce Spam Texts
As smishing steadily rises, both the government and wireless carriers have started to respond. Most wireless carriers already have built-in spam-blocking software, attempting to limit both spam calls and texts.A government bill in 2019 gave the FCC and U.S. Justice Department more reach to battle the scammers and required phone companies to upgrade technology. The FCC has upped the ante in its approach to fining scammers when it can, and has enforced a National Do Not Call Registry. The exact strategy the FCC will take against smishing will likely evolve, but expect a more concerted effort by both the government and wireless carriers.
In October 2021, for instance, the FCC announced a plan to “take steps to confront this latest wave of fraud and identify how mobile carriers can block these automated messages before they have the opportunity to cause harm,” Jessica Rosenworcel, the agency’s chair, said in a press release.
Read More: How to Delete Your Search History and Become a Digital Ghost
Tips for Stopping Spam Texts
In 2021, the most common form of smishing—25 percent of all messages—related to a “phantom package delivery,” attempting to gain an individual’s physical address and potentially additional information. From there, plenty of smishing messages tried to get people to offer up banking information, Apple IDs, or cook up scams related to COVID-19 and healthcare. In nearly every smishing strategy, the bad actors portray themselves as someone they are not. Don’t be fooled.• Don’t click on any links. Arguably one of the most dangerous things you can do is click on a link in a smishing text. This opens your device to potential malware.
• Don’t give out personal information. If you’ve somehow missed the first step and clicked on a link, don’t give any information, as this invites trouble. For any reputable company, you can go to their website and log in and take care of any issues that may have arisen with your account or delivery (but you’ll likely find there are none since it was a smishing attempt).
• Don’t respond in any way. Even responding “no” or “stop” alerts the smishing software that your phone number is active and opens you up to additional attempts.
• Put your phone number on the FCC National Do Not Call Registry. As the FCC continues to expand its efforts, this may help.
• Opt-in to your wireless provider’s call-blocking service. Wireless carriers are required by law to improve their spam-blocking software, so opting into this service can help cut down on at least some of the smishing attacks.
• Report the unwanted messages. Whether you have an iPhone or an Android, both have easy ways to report junk texts right from your messaging app. Do this to build up a library of blocked users.
• Block individual numbers. In some cases, you may get repeated unwanted texts from the same number. You can block numbers individually.
• Filter unknown senders. Messaging apps may have differing approaches, but an Android allows you to enable spam protection in case the text is potential spam, and an iPhone will filter messages from unknown senders into a separate folder.
• Limit where your cell phone number appears. While there’s no way to fully keep your cell phone number from getting out there, limit the public postings of your number. (Just last month, Google announced a tool to remove your personal information from search results.)
• Report the attack. You can forward the smishing text to your wireless carrier by sending it to 7726 (SPAM) or report it to the FCC to help curb the issue.
See more at Popular Mechanics