- Criminals also use SMS to spy on people’s data.
- Smishing is the name of this scam.
- How to prevent data theft.
- “Last chance to pick up your parcel” or “Your new mobile phone bill has arrived”: Such SMS messages are not only sent by reputable companies from which you have used a service. Scammers use old-fashioned SMS to steal personal information.
- There is usually a link under the corresponding messages. Anyone who clicks on it and logs in with their data or downloads a program falls victim to what is known as “smishing”. The term is a neologism. It consists of SMS and phishing, the theft of access data using fake messages.
- The Federal Office for Information Security (BSI) warns that the fraudulent SMS messages are currently being informed about an allegedly received voicemail or that the smartphone is infected with malware. Some fake messages also state that such malware has leaked private photos. All of this is wrong. It is only when you download a file via the link in the message that malware is installed – namely that of the criminals.
There are some precautions how not to fall victim to a smishing attack
The BSI advises:
- Critically check whether the SMS message comes from a reputable source. To verify that an SMS is actually from the company named in the message, you can enter the sender’s phone number in a search engine. If it is a fraudulent number, websites that warn about it usually appear in the front search entries.
- Don’t click on links carelessly. Short links are often used in SMS, where you can hardly see at first glance which website is behind it. However, you should only click links in the news if you are sure that they lead to a reputable website.
- Never download files from unknown sources. It is best to always download apps from the respective stores – for Apple devices from the App Store, for Android devices from the Play Store.
- Delete suspicious SMS immediately. This way you don’t accidentally click on the link in it later.
- Received suspicious SMS from the known sender? If you get a strange message from a friend, call and ask. Sometimes malware sends text messages on someone’s behalf without them noticing.
- Block the number of the sender of the smishing message.
- Keep your operating system up to date. You can read how this works for an Android-powered device here. Similar instructions can be found here for iOS powered devices.
link opened? Switch to flight mode
The BSI recommends that anyone who has already clicked on a link from a smishing SMS or installed malware should first switch their device to flight mode. You should also inform the mobile phone provider and check whether there have been unwanted debits from accounts. In addition, the authority advises resetting the smartphone to factory settings – and beforehand backing up all important data, such as photos, videos, and documents, on a local data medium such as a USB stick.
There had already been an increase in smishing attacks in the spring of this year. If users clicked on the link in a message, they were asked to download an app, for example, to track packages from well-known logistics companies such as DHL or FedEx.
But instead of being able to track packages, the users themselves were now being tracked. The fake app spied out local address data and spread more smishing messages. Recipients ended up on advertising or phishing sites when they opened the link in the fraudulent SMS.