DON’T CLICK THE LINK! How to Prevent Falling Victim to Phone Scammers

According to Consumer Affairs, in 2023, there were over 310 million smartphone users in the US. Text message open rates are estimated to be as high as 98% compared to only a 20% open rate for emails, so it’s no wonder cyber criminals are focusing on texts! If you own a smart phone, you’ve likely been the recipient of a smishing text. Would you be able to tell?

The term “smishing” is a combination of SMS, which stands for Short Message Service, the technical name for texting, and phishing, which is an online scam where cybercriminals try to trick you into giving them sensitive information like a credit card number, an account number or your passwords.

Emma Fletcher, a senior data researcher for the FTC wrote in a blog for CBS News MoneyWatch, “Scam texts have grown effective in recent years in part because they offer rewards like a job or gift," the FTC said. "Other messages successfully fool consumers into thinking someone has accessed their bank account.”

The blog continues, "Texting is cheap and easy, and scammers are counting on the ding of an incoming text being hard to ignore," Fletcher said. "Scammers use the speed of text communication to their advantage; they hope you won't slow down and think over what's in the message."

According to the Federal Trade Commission (FTC), Americans lost over $330 million to texting scams in 2022, and numbers from 2023 suggest these scams were on pace to surpass that. Scammers have honed their tactics to look more like real communications from banks, government agencies, and even loved ones, making vigilance essential.

This guide will explain how to recognize these scams, what to do if you receive one and how to handle a situation if you are tricked into responding to one.

The first and most important thing to remember is:

STOP AND THINK, DON’T CLICK THAT LINK!

“Scam text messages often pretend to be reputable companies to steal your personal information,” says fraud expert Dawn Sarno, director of the AVANT Lab at Clemson University in a Reader's Digest blog. “They will include real company logos, threaten you to respond within a deadline, scare you into thinking you will lose money or offer you things that are too good to be true.” 

How to Detect a Text Scam

Detecting a scam is the first step to staying safe. Here’s how to identify when a text might be a scam:

Suspicious Phone Numbers: Smishing texts will often come from phone numbers not in your contact list – that by itself is a red flag. They may not follow the typical 10-digit layout or may use a series of the same number.

Unexpected Alerts and Fake Claims of Fraud: Nearly 30% of text scams impersonate a bank, government site, such as Social Security, or a major company like Amazon, claiming there’s suspicious activity on your account. There’s a link in the text for you to respond back. DON’T CLICK THE LINK! Always double-check to see if there’s a real issue by logging into your account using your own resources, not what is in the text, or calling your bank directly. Many times, you won’t even have an account at the company referenced in the text!

Unusual Links or Attachments: DON’T CLICK THE LINK! Avoid clicking on any links in texts from unknown senders. You can often detect a fake link by the use of improper spelling, odd punctuation and often, a person’s name included in the link. (On some devices, long-pressing may show the full URL). A true URL will have a logical address, spelled correctly without strange punctuation.

Poor Grammar or Spelling Errors: While scams are becoming more sophisticated, poor grammar, misspellings, or odd phrasing can still be a red flag. Scammers often automate messages in bulk, making errors more common.

Requests for Personal Information: Crews Bank & Trust (or any other bank) or government institutions won’t ever ask for Social Security numbers, PINs, or other sensitive details over a text. Any message asking for this information is likely fraudulent. DON’T CLICK THE LINK! Instead, go to your favorite branch, check your online banking app for messages or call the bank’s Customer Service to double check and report the smishing text.

Threats or Urgent Messages: Scammers create a false sense of urgency by threatening account closures or legal action if you don’t respond immediately. According to data from cybersecurity firms, this tactic is effective because it pressures people to act without verifying.

Types of Text Scams

There are several types of text scams that cybercriminals use to trick you into clicking a link. The top three are Bank Scams, Delivery Scams and Free Gift Scams. New types of scams are popping up all the time as cybercriminals become more sophisticated.

Imposter/Bank Text Scams: These are the most common type of scam and accounted for 10% of all text scams in 2022. You might receive a text stating a charge attempt was made on your credit card, your bank noticed unusual charges on your account, or your info needs to be validated. There will be a link in the text for you to respond. DON’T CLICK THE LINK! While banks sometimes send alerts, they typically do so through official apps or secure communication. Always double check with the bank and use their official site to do any business, not the text.

Package Tracking and Delivery Notifications Text Scams: The second most common text scams come in at 9% of all smishing scams. Texts begin with a message about a package being sent to your address, with a “tracking link”. DON’T CLICK THE LINK! Even if you are expecting a package, it’s still best to go directly to the official company website to check any delivery information. Scammers rely on the fact that most people do business with large companies like Amazon or Walmart, especially during the holidays.

“Free” Gift Scams: Tied with Package Tracking and Delivery Notifications Scams at 9%, this type of scam offers a link to receive a “free” gift or to enter a contest. DON’T CLICK THE LINK! Legitimate companies won’t send unsolicited texts. Go to the official website to see if it’s real and enter there.

Other types of scams include:

Amazon Scams: Almost everyone has an Amazon account and that’s exactly what cybercriminals are banking on. There are several scams based around Amazon, many trying to trick you into click on a link to resolve a problem or send a refund. DON’T CLICK THE LINK! Instead, go to Amazon.com/Help to check on an order or a return.

Outstanding Payment Scams: If you aren’t sure whether you made a payment, go to the company’s official website.

Job Offers: Legitimate companies will not text random job offers to people they’ve never met. DON’T CLICK THE LINK!

Student Loan Forgiveness: Seriously? If there was a real program, the official website will have all the details, DON’T CLICK THE LINK!

Wrong Number Scams: This is a longer-term type of scam that starts out like an innocent message that was sent accidentally to a wrong number. In this type of scam, scammers wait to see if you respond, which most people are kind enough to do, then try to establish a relationship, in order to persuade them to “invest” in cryptocurrency. Once you’ve done the polite “I’m not Joe” response, stop responding. If they try to continue the conversation, the easiest thing to do is to block the call.

What to Do if You Get a Scam Text

Receiving a scam text can be unnerving and it’s easy to get caught, especially as scammers are getting better at mimicking real companies. Here are some steps to protect yourself:

Do Not Respond or Engage with the Message: Responding can verify to scammers that your number is active, making you a target for further attempts. Even a simple “Stop” or “No” can trigger more messages.

Block and Report the Number: On both iOS and Android, you can block and report numbers as spam. While scammers frequently change numbers, blocking them reduces the chances of receiving repeat messages.

Delete the Message: Once reported, delete the text. This prevents accidental clicks on harmful links later.

Potential Risks to Your Bank Account and Phone

If you engage with a scam text, here are some of the immediate consequences:

Bank Account Compromise: If you share your bank account information, scammers can potentially initiate unauthorized transactions or drain your account. In 2023, the average loss per successful text scam was estimated to be $1,000, but some individuals lost tens of thousand of dollars. Scammers may also attempt to open new lines of credit or use your data for identity theft, leading to long-term financial repercussions.

Phone Malware: Clicking a scam link may install malware on your phone. This malware can do everything from tracking your keystrokes to stealing contacts and reading messages. Some advanced spywares can even access your photos, listen to calls, or monitor your activity. Malware infections increased by 18% from 2022 to 2023, largely due to text-based scams, as reported by cybersecurity firms like Kaspersky.

Steps to Take if You Fall for a Text Scam

If you realize you've interacted with a scam or shared information, take immediate action to minimize the impact:

Contact Your Bank or Financial Institutions Immediately: Report unauthorized transactions as soon as possible.

Change Your Passwords and Enable Two-Factor Authentication (2FA): Start with your banking accounts, but update all potentially affected accounts, like email and social media, if you’ve reused passwords. Use unique, strong passwords, and enable 2FA wherever possible for an added layer of protection. It may be a bit of an inconvenience to have to always enter the 2FA code but in the long run, it could save you money and much greater inconvenience!

Check for Malware on Your Phone: Use reputable antivirus software to scan for and remove malware. Some antivirus services offer free trials or apps specifically designed to detect mobile spyware and malware.

Report the Scam to Federal Agencies or Local Authorities: Report incidents to the Federal Trade Commission (FTC) at reportfraud.ftc.gov or the Internet Crime Complaint Center (IC3). This helps authorities track scams and potentially prevent them from affecting others.

You can also take a screenshot of the message and forward it to 7726 (This code spells SPAM, to help you to easily remember it.) Doing so will help your wireless provider to be able to spot and monitor similar messages.

Monitor Your Credit Report and Bank Statements: Review your financial statements for unusual charges and check your credit report regularly for any unexpected accounts or inquiries. Go to AnnualCreditReport.com to access free weekly reports from Equifax, Experian, or TransUnion.

Staying One Step Ahead

Texting scams are getting more common but being informed and prepared is your best defense. Proactive prevention is key – review this Crews Bank checklist of tips to keep your phone and accounts secure.

With knowledge of common scam tactics and quick actions to protect your information, you can minimize your risks and recover effectively if you fall victim. Remember, vigilance and caution are key in safeguarding yourself in this evolving digital landscape.