Similar to phishing, smishing uses cell phone text messages to deliver the “bait” to get you to divulge your personal information. The “hook” (the method used to actually “capture” your information) in the text message may be a web site URL, however it has become more common to see a phone number that connects to automated voice response system.
The smishing message usually contains something that wants your “immediate attention”. Some examples include:
1. “We’re confirming you’ve signed up for our dating service. You will be charged $2/day unless you cancel your order on this URL: www.?????.com.”
2. “(Name of popular online bank) is confirming that you have purchased a $1500 computer from (name of popular computer company). Visit www.?????.com if you did not make this online purchase.”
3. “(Name of a financial institution): Your account has been suspended. Call xxx-xxx-xxx immediately to reactivate.”
The “hook” will be a legitimate looking web site that asks you to “confirm” (enter) your personal financial information, such as your credit/debit card number, CVV code (on the back of your credit card), your ATM card PIN, SSN, email address, and other personal information. If the “hook” is a phone number, it normally directs to a legitimate sounding automated voice response system, similar to the voice response systems used by many financial institutions, which will ask for the same personal information.
Do not respond to text messages, website addresses or telephone numbers that may warn of dire consequences unless you validate your information immediately. Contact the company to confirm the text validity using a telephone number or Web address you know to be genuine. Hyden Citizens Bank will never ask you for your PIN number.