SMishing targets unaware mobile phone users

Thursday, June 05, 2008

New fraud comes by text message

Unwanted commercial messages sent to wireless phones can be intrusive and illegal, according to the Federal Communications Commission (FCC). And because of the possibility of ending up a victim of identity theft, they can also be costly. SMishing is the latest form of phishing, in which an email tries to lure a recipient into giving personal information. Smishing attempts to do this via SMS, the communications protocol used to send text messages to a wireless device.

Despite FCC prohibitions on unsolicited commercial messages, consumers have continued to complain about the large number of these kinds of text messages they receive.

Not only can receiving these messages threaten your personal information, it can cost you money if you do not have a bundle plan with unlimited text messaging. In particular, industry experts warn consumers of a Smishing text message that reads, “We're confirming you've signed up for our dating service. You will be charged $2 per day unless you cancel your order at www.?????.com." Concerned about the potential charges, consumers have visited the website provided and unknowingly downloaded malicious software – called malware - designed to steal personal information such as social security numbers, and credit card or bank account numbers.

Spam or unwanted text messages, including those that are SMishing schemes, will continue to increase in the next years, experts say. Wireless devices will routinely be used to access the web, conduct bank transactions and pay bills online. It’s crucial that consumers learn how to recognize fraud and protect their personal information.

The FCC offers the following tips to prevent spam:

• Put your wireless phone number on the national Do-Not-Call list, and distribute it sparingly. (www.donotcall.gov)
• Don’t display your wireless phone number or e-mail address in public. This includes newsgroups, chat rooms, Web sites, or membership directories.
• If you open an unwanted message, send a stop or opt out message in response.
• Check the privacy policy when submitting your wireless phone number or e-mail address to any Web site. Find out if the policy allows the company to sell your information.
• Contact your wireless or Internet service provider about unwanted messages.
• Before you transmit personal information through a Web site, make sure you read through and understand the entire transmitting form. Some Web sites allow you to opt out of receiving e-mail from partners – but you may have to uncheck a pre-selected box if you want to do so.
• You may want to use two e-mail addresses – one for personal messages and one for newsgroups and chat rooms. Also, consider using a disposable e-mail address service that creates a separate e-mail address that forwards messages to your permanent account. If one of the disposable addresses starts to receive spam, you can turn it off without affecting your permanent address.
• Try using a longer and unique e-mail address. Your choice of e-mail addresses may affect the amount of spam that you receive. A common name like “mjones” may get more spam than a more unique name like da110x110. Of course, it’s harder to remember an unusual e-mail address.
• Use an e-mail filter. Some service providers offer a tool that filters out potential spam or channels spam into a bulk e-mail folder. You may also want to consider filtering capabilities when choosing an Internet service provider.

For more information or to file a complaint, visit the FCC.