Smishing

Smishing uses cell phone text messages to lure consumers in. Often the text will contain a URL or phone number. The phone number often has an automated voice response system. You could receive an email or text message from someone posing as your credit card company, asking you to confirm your account numbers or passwords.

Smishers may use the first few digits of your debit or credit card as bait, since credit and debit cards all follow the same standard method for card numbers. Their text message might include a link to a bogus bank website that looks and acts like your real bank's website. Alternately, it might prompt you to download a fake bank app or call a number to clear up a supposed issue with your account. Once spammers capture your personal information, they can sell it on the black market or use it to commit fraud.

Do not respond to smishing messages.

Vishing

Unfortunately, phishing emails are not the only way people can try to fool you into providing personal information in an effort to steal your identity or commit fraud. Criminals also use the phone to solicit your personal information. This telephone version of phishing is sometimes called vishing. Vishing relies on “social engineering” techniques to trick you into providing information that others can use to access and use your important accounts. People can also use this information to pretend to be you and open new lines of credit.

To avoid being fooled by a vishing attempt:

• If you receive an email or phone call asking you to call and you suspect it might be a fraudulent request, look up the organization’s customer service number and call that number rather than the number provided in the solicitation email or phone call.
• Forward the solicitation email to the customer service or security email address of the organization, asking whether the email is legitimate.