FBI Warns of Dangerous New 'Smishing' Scam Targeting Your Phone

The Federal Bureau of Investigation (FBI) is warning Americans about a new type of phishing scam known as "smishing" that is targeting phone users. The scammers are using fake text messages to trick people into giving away personal and financial information.

Smishing, which stands for "SMS phishing," works by sending out malicious texts that appear to be from legitimate businesses or agencies. The goal of these scams is to get the victim to click on a link or provide sensitive information such as credit card numbers, bank account details, or social security numbers.

How Smishing Scams Work

The scammers use fake messages to trick people into giving away personal information. They often claim that the recipient has an overdue fine or bill and threaten to charge a daily fee if payment is not made immediately. However, when you click on the link provided in the text, it leads to a fake website that looks identical to the real one but is actually designed to steal your sensitive information.

According to cybersecurity firm Palo Alto Networks' Unit 42, the scammers are using a toolkit developed by Chinese hacking groups to carry out these attacks. The toolkit allows them to set up over 10,000 fake websites that can be used to target both iPhone and Android users with smishing scams.

Cities Warn Residents About Smishing Scams

Cities across the United States are warning residents about an ongoing mobile phishing campaign in which scammers impersonate parking violation departments. The fraudulent text messages claim recipients have unpaid parking invoices and threaten a $35 daily fine if left unpaid.

The latest wave of phishing texts has prompted alerts from multiple cities, including Annapolis, Boston, Greenwich, Denver, Detroit, Houston, Milwaukee, Salt Lake City, Charlotte, San Diego, and San Francisco. The FBI is urging citizens to report any suspicious activity to their local law enforcement or the Internet Crime Complaint Center (IC3).

How to Protect Yourself

To protect yourself from smishing scams, follow these tips:

  1. Be cautious with links and attachments. Never click on a link or download an attachment from an unknown number or email address.
  2. Verify the sender. Check if the message is coming from a legitimate source. Legitimate companies will never ask you to provide sensitive information via text message.
  3. Use two-factor authentication. Enable two-factor authentication on your accounts to add an extra layer of security.
  4. Keep your phone and software up-to-date. Regularly update your phone's operating system, apps, and antivirus software to ensure you have the latest security patches.
  5. Use a password manager. Consider using a reputable password manager to generate strong passwords and store them securely.
  6. Report suspicious activity. If you receive a suspicious text message, report it immediately to your mobile carrier or local law enforcement.

Conclusion

The smishing scam is a serious threat to phone users, and it's essential to take precautions to protect yourself. By being cautious with links and attachments, verifying the sender, using two-factor authentication, keeping your phone and software up-to-date, using a password manager, and reporting suspicious activity, you can significantly reduce the risk of falling victim to these scams.