March 30, 2012 at 10:52 AM ET
The text message is designed to grab your attention and get an instant response.
“Apple is looking for people to test and keep the new iPhone 5!” it says. But only the first 1,000 people who click on the link in the message can take part.
Click on the link and you’ll wind up on a site that asks for your name, email, birthday and cell phone number. Don’t do it! There is no iPhone5. This is just a devious attempt to snag your personal information.
This text message deception is called “smishing” and it’s the cell phone equivalent of email phishing. The name comes from the SMS (short message service) technology that’s used to deliver text messages.
Here’s another one.
For the past few weeks, people across the country have complained about getting a spam text message that said they had won a $1,000 Wal-Mart gift card. Those who click on the link to claim their card end up on a website that asks for personal information.
The website scambook.com has received almost 2,000 complaints about this bogus Wal-Mart text since mid-March. That’s a huge number in such a short time period. The site has a blog post dissecting this scam.
"Smishing is a huge problem,” says Adam Levin, founder of Identity Theft 911. “We’re just at the beginning of this crime wave.”
He points out that some of these scam texts look like legitimate alerts from your bank or credit card company. That could put you off your guard.
“Don’t respond to the text by providing any information,” Levin warns. “Think of it as purely a notification.”
And don’t trust any link or number provided in the text. Use a number you know you can trust to call the financial institution or credit card company.
Levin says the bad guys – either criminals or unscrupulous businesses – are trying to take advantage of you when you’re distracted.
“When you get text messages you’re usually in the middle of three or four different things. So you don’t think. You instantly respond. And that’s a big mistake,” Levin says.
Malware-based smishing is another threat for anyone with a smartphone. Click on the link in a booby-trapped text message and you could download malicious software onto your phone without knowing it. That software can steal all the data stored on your phone as well as any passwords or account numbers you might punch in.
“Just because it’s a phone doesn’t make it any less of a computer, and it’s just as susceptible to viruses and malware as your PC,” warns Jake Bernstein, an assistant attorney general in the high-tech unit of the Washington state attorney general’s office. “People need to recognize that smartphones aren’t just phones, they’re computers and they can be infected.”
Respond to a smishing text by sending a message that says "remove" or "stop” and the bad guys will know your number is active. They’ll add it to their list and send you more spam messages.
Remember, no legitimate business or government agency would ever ask you to provide personal information over something as insecure as a text.
If you are bothered by spam text message,s contact your carrier to see if you can block the sender.