Avoid Falling Victim to Smishing Scam

During the pandemic and the rise of mobile wallets usage in the Philippines, SMS phishing or Smishing becomes more rampant victimizing people, especially those who have no knowledge of this particular scam. We heard the news that some people became victims of hacking and money from their GCash accounts was stolen or even worse siphoned out.  

Smishing is another form of a phishing attack using Mobile SMS as an attacking platform. The attack took place by sending an SMS message to potential victims asking them to click thru the link and letting the victim perform certain actions that the attackers want to do. 

The most common modus used by the perpetrators is to threaten the victim that they need to login their credentials in order to avoid deactivation of the account and then they are being redirected to a malicious website which belongs to them to enter Banking details, GCash Account  MPIN, and personal details. And this is how cybercriminals got your account credentials. 

avoid phishing


Smishing exploits human emotion. 

By sending an SMS message that can excite you or make you worry you will become more prone to making an abrupt decision without logically thinking about the consequence of your action. 

As an example, they will send you a message that you won a big amount of money without even participating in any contest or raffle draw. They will attack your emotion that hidden greed tendency because of the huge amount of money you are about to get. 

scam sms

Another modus operandi would be the deactivation of account threat. The perpetrators will threaten to close your account if you don't log in to your account and click the link. So as the victim you will hurry to activate and act on the SMS you received.




How does the Smishing attack works?

The attacker typically has a database of mobile phones that can be used as an address list to send the message. There are many ways they can obtain your number and this includes dumpster diving. Well, you might ask yourself what is dumpster diving? When you fill up your form at the entrance of a building and the company does not properly shred your form and just plainly dispose of it in the garbage there is a strong probability that your information will fall into the wrong hands. Another way to do it is by using using a feature built inside the software they are using to send an SMS message. 

The attack started by text blasting the address list of its victim. They use software for this and it's pretty automated so don't think that if they have a hundred victim they will send SMS one by one. 

They also set up a malicious website that acts as a fraud portal to enter the victim's detail. It will look like a legitimate website because they can copy the same appearance and look like the legitimate website so don't fall for it.    

How to avoid becoming a victim of Smishing?

Here at Shoppiverse PH, we will give you simple steps on how to prevent falling victim to smishing and what to do in case your account becomes compromised.

1. Have a separate mobile number

If you are entering any public establishment like malls or stores avoid using the phone number that you used in online banking, mobile wallets, or any important credentials you have. Have at least a separate mobile number for not-so-important transactions. By doing this you can filter the messages coming from the legitimate vs illegitimate ones.

sim card


2. If it's too good to be true, it probably is

Avoid entertaining messages or Facebook posts that promised to give a huge amount of money in exchange for a little amount of work. Or asking you to invest in a business with a BIG return. There is a strong possibility that it is a bogus and SCAM.

Don't be greedy if you have not participated in any raffle draw and somebody sends you an SMS out of the blue. Don't fall for it there is a strong probability that is a scam.  

SMS messages that give you a free gift in exchange for your personal details must be also avoided because your personal details can be used to reset your credentials.

gift


3. Ask Question

If somebody sends you an SMS message to reset your password or threatens to deactivate your account even if you don't request it. Or if someone sends you a message to enter details into a webpage, pause for a while. 

If you have a phone number of your bank call them directly or reach out to their official channel. Ask a question if the message you receive indeed comes from the bank itself. Avoid asking for help from a Facebook page or Facebook Group there are some bad people that might take this opportunity to abuse or get your credentials.

customer service


4. Report immediately to the proper Authority

If you think you become a victim of smishing or your account becomes compromised it is important to immediately report it to the authority. Contact your bank immediately to alert them to cancel any further transactions made using your account to prevent the attacker from doing an activity from your account. Don't be ashamed that you become a fool falling into the trap of getting scammed. 

If your GCash account was compromised you can also contact customer service and prevent the GCash scammer from doing further damage to your account.

Report a Gcash Scammer

Here's the link to the list of government agencies and their contact number for your reference to contact in case an incident like this happens.

Reporting Cybercrime in the Philippines


5. Install Mobile App Protection

There are mobile application that helps you filter  scam and spam messages this will help to deter dangerous messages before reading them.

If you are an Android device user you can use Google message as default messaging app as compared to the native messaging app. The Google Message can be donwloaded in Google App Store and it is easy to install.


In summary

Even if the authority or police catch these criminals everyday computer criminal, hacker, and the scammer will never go away on their own. As the first line of defense, it is our duty to protect ourselves from these bad guys. Equipping yourself with knowledge and information on how smishing work is important in order to prevent yourself from becoming a victim.  


You might want to read these other articles about other Scam methods:


Author

With the rise of E-Commerce in the Philippines and the rampant cyber fraud victimizing people that have no prior knowledge of buying online safely, we decided to build this website Shoppiverse PH, and launched our presence on social media via our Facebook Page. In order to help Filipino people to buy from a legitimate seller. ere, we share information and updates about the latest and greatest affiliate products on the market. Stay tuned for product reviews, recommendations, and exclusive deals.

Post a Comment

Previous Post Next Post