Text Phishing is a thing now

I’ve talked many times about Phishing e-mails. For those of you who haven’t seen those posts (which by the way you should check them out) let’s bring you up to date. “Phishing” is a type of e-mail that gets sent out by people looking to steal your information. They get access by posing as a company or a person you know and getting you to click a link. The link allows them to access your info and once these phishers have your info, it’s tough to get it back.

The good news is that lots of people are catching wise to what the Phishers do. People generally can spot the Phishing attempts reasonably quickly now. The Bad news is that the Phishers are trying new methods of getting your info now. The latest thing for phishing is Text Phishing. This means that instead of an e-mail sending you a link in a text message trying to get your information.

1) Sense of urgency – From what I have seen (and experienced) if a company wants to get in touch with you, texting isn’t how they do it. E-mail or sending hard copy mail would be the usual method. While for sure there will be exceptions, typically they don’t text people. Your phone company will text you (but that makes sense), but they would never get you to click on a link within their communication. Companies like Banks, tax collectors, or Governments will not text you. If the text reads like “OH MY GOD IF YOU DON’T ACT NOW THE WORLD IS GOING TO END!!!!!” then it’s probably someone phishing.

2) Vague information about you – I recently got texted by “my bank” with an “urgent message” about my account which started with a series of numbers. Here’s the thing, certainly with Canadian Banks, the first four numbers of an account/credit card will be the same as everyone else’s who banks in the same institution. It’s the LAST four numbers that are unique to you. If you get texted by an organization that sends you information that is not unique, it’s phishing.

3) It’s from a company/institution that you don’t use – The header art that I’ve used for this post was a phishing attempt someone tried to use on me. I don’t use the institution that they claim to be, so it was effortless for me to spot this as a phishing attempt.  Look at the text that you get sent. Is it from a company you use? If it is, then I would recommend using your phone for its original purpose and call whomever it is and ask them if it’s legit.

4) They are a number you don’t recognize – Typically if a company is going to text you as a method of communication, then they would both request your phone number but also recommend that you put their phone number in your contacts (when you get set up I should specify). If a company is trying to contact you, then they should be in your contacts already. That being said that if you get contacted by someone claiming to be a company and you don’t recognize the number, it’s more than likely that it’s someone trying to phish your information rather than a company you know.

5) There is a link to be clicked – This one seems obvious, which is why it’s last, but I felt like it should be said just the same. DO NOT CLICK ANY LINKS TEXTED TO YOU!!!!! I can’t emphasize enough that if there is a link in the text that you do not click on it when you do you lose control of the situation.

Phishers are out there, they want your information, but luckily you are the best line of defence you have against them. If you keep in mind what I’ve laid out here, you will find it way easier to spot the phishers from the people trying to help you. Their methods may have changed, but their motivation is still the same. They still want your information; they still want your money. They will always be out there, but if you’re smart, they won’t be able to get to you.

Have you received a text message like this?

Let me know in the comments section below. If you like this blog post and want to see more, you can follow me on Social Media (LinkedIn, Twitter, Instagram, and Facebook @jasonlovefiles) or Subscribe to my blog to get new content delivered directly to your mailbox.