The
FBI
has issued a warning to
iPhone
and
Android
users: beware of
smishing
.
Smishing attacks are
fraudulent
text messages sent via a phone’s
SMS
— short message service — designed to deceive recipients into sharing personal details, such as their passwords.
The term smishing combines elements of SMS and phishing, with the latter referring to
deceptive or manipulative schemes
designed to coax individuals into divulging personal data, typically via phishing emails.
A phishing email could seem as though it’s coming from a business such as Amazon—using the firm’s logo and possibly including certain links directing you back to their site—but it might actually come from an individual aiming to take your login credentials or credit card details. Usually, this type of message includes a hyperlink designed for fraudsters to gather data directly from recipients or gain entry into their devices.
Scams of this kind are occurring via text messages as well.
According to
Bleeping Computer
On an information security and tech news platform, it has been reported that cybercriminals have created over 10,000 domain names to facilitate text message scams.
If someone receives a suspicious text, they should delete it immediately and never click on any links included in the messages, according to cybersecurity experts.
A common smishing attack has been bothering people in New York. This scam involves fraudsters sending messages purportedly from the city of New York, stating that recipients have outstanding parking fines. These texts contain a link directing individuals to what appears to be the City of New York’s Department of Finance Parking and Camera Violation login page via a Google form.
When a recipient completes the form, they receive instructions to provide additional details about themselves on another page. This includes entering their complete name, date of birth, postal code, email address, and private telephone number. Such data could potentially be exploited by ill-intentioned individuals attempting to infiltrate others’ electronic mailboxes, financial institutions’ accounts, or other confidential services via the password retrieval and account restoration features integrated into most protected online platforms.
A report from
the cybersecurity company Palo Alto Networks’ Unit 42
, its research division, found that numerous malicious domains tied to the scam were used by Chinese cybercriminal groups.
The Federal Trade Commission has provided guidelines about these scams, emphasizing that genuine U.S.-based toll service providers and shipping firms would never direct customers to overseas websites.
The agency also warned that falling for the scams not only puts people’s finances at risk, but also makes them targets for potential identity theft.
The
FBI has advised
that anyone who receives a suspicious text should file a complaint with its Internet Crime Complaint Center — commonly known as the IC3 — and provide details about the phone number and the nature of the text.
Victims of these scams should also navigate to the official toll service’s website or reach out to their customer support directly to verify any pending charges. Essentially, avoid clicking on links within the message; instead, manually enter their web address into your browser or dial their phone number provided separately.
Individuals who fall prey to such scams should promptly take action to protect their accounts and challenge any fraudulent activities conducted with their data.
The Independent stands out as the globe’s premier source of unbiased reporting, offering international news, opinions, and insights tailored for those with an independent mindset. With a vast, worldwide audience composed of people who think for themselves, we pride ourselves on delivering reliable content and a dedication to fostering positive transformation. In these times, our purpose—to drive meaningful progress—has become more crucial than ever before.
