How to Avoid Smishing Scams
Phishing by text or “smishing” is a smishing scam that has long been a threat to smartphone users. With cybercriminals always looking for new ways to lure victims, this latest smishing scam is doing the trick. And now, a Chinese smishing network using just two words in a text are tricking victims into handing over sensitive information. The Federal Trade Commission (FTC) reports that last year, scam texts alone cost consumers a reported $470 million and growing.
Beware of These Two Little Words
As harmless as they sound, the words “com-track” and more recently “com-toll” are the keys to Smishing Triad’s smashing success. If you ever see these words hyphenated in a text link, especially in a long one, delete the text and any others like it immediately—with no exceptions. Even if the link looks totally safe, finding those two words is a huge smishing red flag. Attackers use the dashes to appear like a legitimate link to a core domain, but this scam only uses it to hide malware.
The Usual and Unusual Suspects
Fraud alerts, survey scams, and unpaid parking tickets are just a few of the smishing red flags we’ve come to expect. Another giveaway are those text links luring us into following them. We also know what’s at the end of those links—financial heartache, stolen passwords, and identity theft, just to name a few.
Now, there’s a Chinese network called “Smishing Triad” bringing these smishing scams to a whole new level of trickery and volume. In just the beginning of this year, Smishing Triad created more than 60,000 unique web domains. Add to that an estimated 100,000 texts sent per day, and you have a smishing epidemic. You may have already seen some of Smishing Triad’s work—the flood of toll fraud texts taking the U.S. by storm.
With these scams clearly on the rise, it’s time to buckle-up and use your smishing cyber-smarts. It’s a great way to stay safe at a time when cybercriminals are ratcheting up their game with smishing scams.
