A recent Federal Communications Commission (FCC) mandate has required carriers to install the STIR (Secure Telephone Identity Revisited)/SHAKEN (Signature-based Handling of Asserted Information Using toKENs) call authentication technology in the IP portions of their network. While this has helped combat anonymous spoofing of telephone numbers, scammers are finding other ways to fill their pockets and text scams, also known as “smishing” – SMS phishing – are becoming increasingly popular among fraudsters.
Car insurance scams have been a long time robocall scheme that is now common in SMS messaging. The scammers responsible are typically after one of two things. Either they are attempting to sell a car insurance bundle that is unbelievably cheap and ultimately a scam, or they are after personal information including social security, credit card number, and bank account information.
Below are two examples of SMS scams that appear very obviously illegitimate but can still fool those who click the link in a hurry or who are unfamiliar with text scams. Some smishing attempts may be more sophisticated than others, making them even easier to fall for than the examples below.
It is important to note that these texts don’t mention a business name. While this is highly suspicious, it is possible other scam messages will impersonate a legitimate company. Many businesses utilize texting to provide updates to their customers, but only if the customer agreed to receive the texts. Unsolicited texts containing advertisements are a red flag, especially if they contain a link.
There are various ways to stop or report unwanted text messages. Suspicious text messages can be reported or the Federal Trade Commission (FTC) at their fraud reporting website. or forwarded to 7726 (SPAM). Forwarding the message to 7726 is a process major carriers have adopted and is backed by the GSMA, a global association of mobile communications entities.
Smishing attacks are not unique to the United States. According to a report by Ofcom, three quarters of UK adults under the age of 35 have received text scams in the last three months, as threat actors look for new ways of targeting victims. Ofcom found that more traditional forms of phone scams, such as recorded voice messages or live calls, appeared to be on the decline – having been received by only 39% and 32% of 16-to-34-year-olds surveyed. Ofcom is the regulator in the UK, similar to the FCC in the United States.
Many wireless providers have services that let you block text messages and calls. Call-blocking apps, including those powered by TNS Call Guardian®, are another great resource for reporting and blocking unwanted messages. Stay vigilant and share information about scams with others.