Text Fraud
Back to Alerts

Text Fraud

Posted 03/19/25

Photo for Text Fraud

Fraud is at an all-time high. Did you know fraud can happen through a text message on your mobile device? Here are a few points to keep in mind to protect yourself against these attacks:

  • Do not respond. Even prompts to reply like texting “STOP” to unsubscribe can be a trick to identify active phone numbers. Attackers depend on your curiosity or anxiety over the situation at hand, but you can refuse to engage.
  • Slow down if a message is urgent. You should approach urgent account updates and limited time offers as caution signs of possible smishing. Remain skeptical and proceed carefully.
  • Call your bank or merchant directly if doubtful. Legitimate institutions don’t request account updates or login info via text. Furthermore, any urgent notices can be verified directly on your online accounts or via an official phone helpline.
  • Avoid using any links or contact info in the message. Avoid using links or contact info in messages that make you uncomfortable. Go directly to official contact channels when you can.
  • Check the phone number. Odd-looking phone numbers, such as 4-digit ones, can be evidence of email-to-text services. This is one of many tactics a scammer can use to mask their true phone number.
  • Opt to never keep credit card numbers on your phone. The best way to keep financial information from being stolen from a digital wallet is to never put it there.
    Use multi-factor authentication (MFA). An exposed password may still be useless to a smishing attacker if the account being breached requires a second “key” for verification. MFA’s most common variant is two-factor authentication (2FA), which often uses a text message verification code. Stronger variants include using a dedicated app for verification (like Google Authenticator) are available.
  • Never provide a password or account recovery code via text. Both passwords and text message two-factor authentication (2FA) recovery codes can compromise your account in the wrong hands. Never give this information to anyone, and only use it on official sites.
  • Download an anti-malware app. Products like Kaspersky Antivirus for Android can protect against malicious apps, as well as SMS phishing links themselves.
    Report all SMS phishing attempts to designated authorities.