Remember phishing? Now there’s smishing, a new kind of electronic identity theft targeting uses of smartphones and tablets. But although the venue may be new, these scammers are simply adapting the same old tried and true tactics that con artists used to use on the telephone.
In those old days, people would get phone calls from someone claiming to be a representative of their bank or credit card company who told them that they needed to update their account information or verify their account because it had been compromised. The unsuspecting – and now thoroughly panicked – account holder would turn over whatever the caller requested – account numbers, social security numbers, passwords and whatever else would solve the problem the caller described.
Now, those schemes have taken to the Internet like ducks to water. The much-publicized “phishing” does the same thing through emails that bear logos and web addresses similar to the real institutions a user does business with. And the same requests are made – to update account information, verify accounts, or retrieve information lost during a glitch or virus. Because the emails always appear so official looking, unwary users get trapped before they know it.
The latest incarnation, going by the newly coined name of smishing, relies on the fact that so many people use smartphones and other kinds of mobile devices to conduct transactions of all kinds, including sensitive financial ones. And that means storing a lot of personal information on the device.
The smishing operation is simple and uses SMS messaging rather than phone calls or emails. But the process is very nearly the same. Users get text messages from sites purporting to represent their banks, brokerages, credit card companies or even merchants they’ve done business with. These messages ask them to update their information ASAP in order to keep accounts current, restore lost data or resolve some other sort of problem. And, just as victims of pone scams and phishing have done, these smartphone users panic, don’t question, and supply the information.
Security and fraud experts warn that legitimate institutors generally don’t ask for personal information like this. If that kind of message shows up check with the institution it claims to be from – they need to be notified about scams using their names. And never give out personal information n response to such a message –again, contact the company in question about whether there’s a problem with your accounts.
As we noted in a recent post, over half of all home buyers and sellers rely on the Internet for conducting business related to property transactions. And much of it happens on mobile devices. Staying informed and staying in control are two of Jason Hartman’s key recommendations for building a successful investing career – and they’ll save you from becoming a smishing victim too.