Whether you’re trying to win tickets to a sold-out concert, remind your partner to buy milk, vote for your favorite reality TV personality or ask your headphones-encased kid a question, there’s a text for that. While texting is a great convenience and time saver (not to mention an international obsession), if you respond to a wrong text — think: Wyle E. Coyote and the Roadrunner — look out below!
Phishing via text works the same way as email, the only difference is format, tone and, of course, length. The goal remains to commandeer as much information about you as possible (to use for fraud) and/or take control of your device. The pilfered information can be seriously harmful to your sanity, not to mention your finances, since scam artists are always looking to make a quick buck at your expense.
There are many texts you should handle with kid gloves, and still others that you should ignore.
I’m not talking about the obvious “don’ts” here, like looking at texts that were not sent to you. (Oh, and in case you missed that memo, sneaking a peak at your partner’s texts is and always will be a one-way ticket to relational oblivion.) What you need to worry about are texts that could have plausibly been sent to you.
This latter category of text is not always obviously fraudulent. The same thing that makes texting second nature to you is what makes it a potential hazard to your personal information safety.
Regardless of their apparent merit, instead of replying to unsolicited texts directly, you should call the purported sender directly to be sure they aren’t trying to contact you.
With that in mind, here are seven texts you’ll want to be wary of.
1. Texts From Your Bank With Links
Automatic transaction alerts are an excellent security measure. You can set an alert on your checking and savings accounts to cover all kinds of parameters, such as the minimum balance you have to maintain without incurring a fee, a trigger amount on a withdrawal and more. These can be delivered via text, and here’s the thing: the SMS version from your bank will never contain a link. If you get one that does, ignore it. You can also call your bank directly.
2. Texts From the IRS
This is the easiest phishing scam to detect. The IRS never sends texts — ever. It’s also worth noting that the IRS won’t email you about official business either. The only way to do business with the IRS is via the United States Postal Service or by telephone — and if you are contacted by phone, it’s a good rule of thumb to tell the person who called you that you are concerned about security, and you need a reference number or department because you are going to call back on the IRS main phone line about whatever the matter may be. Also keep in mind that just because your caller ID tells you the incoming call is from the IRS does not mean it is the IRS since many phishers are consummate “spoofers.”
3. Texts From Your Credit Card Company With a Call to Action
This is similar to a text from your bank, but with more options for failure. You may have transaction alerts set that get delivered via text. You may have also consented to promotional notices. The bottom line with texts from your credit card company: whatever they are allegedly saying to you via text, they will say to you on the phone. Ignore any texts with a call to action, even if you want to take the action, and call your credit card company directly on the number designated on the back of your credit card. Especially ignore the text if it says that clicking on the link (or calling the number) is the only way to get a particular promotion.
4. Unsolicited Texts From Your Doctor, Lawyer, or Accountant
Businesses that collect a lot of personal information from clients, like medical practices, law firms or accounting firms can be prime targets for hackers. If you get a text from any of these folks, no matter how convincing, and no matter how much about you they seem to know (remember, these same professionals may not have the best defenses against hackers), ignore the text and call them.
5. Random Texts From Your Mortgage Company
I am guessing you’re getting the gist of this game, but any seemingly official notification about one’s mortgage somehow has the ability to completely unhinge people, especially if there is a problem. As data breaches have become the third certainty in life, it is quite likely your mortgage information is out there. If a scammer gets ahold of it, they might try to scare you into taking an action via text, like sending payments to a new address. Ignore them and call your mortgage holder.
6. Scary Texts From Your Auto Lender
Nothing is quite as classic in the storybook of personal finance as the repo man coming to take your car. Because it’s a common nightmare scenario, we are liable to fall for it. Ignore any texts you get from your auto lender. Instead of replying, always call to find out what you already know: someone just tried to scam you.
7. Promotional Texts From Your Favorite Game
Don’t be embarrassed. We all have a game we like to play, and so do our kids. The problem here is that for real devotees, there is very little one won’t do to get an edge. Whether it’s buying points or weapons or secrets, or getting the latest upgrade the second it’s released, true gamers are a juicy target for scammers who send texts hawking special promotions, and they are less likely to be careful about whom they give their contact information to, since getting more game time is more important than anything. Same rule applies here: ignore any text that you get, and make sure your kids do as well. Go online and find the promotion from a reputable site.
If you think you’ve responded to a phishing text, you should monitor your credit for signs of identity theft. (You can do so by pulling your credit reports for free each year at AnnualCreditReport.com and viewing your credit scores for free each month on Credit.com.)
When it comes to staying safe, let restraint be your co-pilot. A little pause goes a long way and you don’t want to end up being the get for scammers.