Phishing attempts are on the rise. While many may be aware of fake emails pretending to come from legitimate institutions, there is another potential banking fraud that is targeting individuals: text scams. These text scams are essentially phishing via SMS where cybercriminals work to obtain your sensitive information.
Read on to learn how smishing scams work and what text messages to look out for.
What is smishing?
Smishing, or SMS phishing, is a common SMS scam done by a cybercriminal pretending to be a bank representative. The message usually states one of these problems on your account:
The text usually contains a link or a number to expect a call from a “representative” to assist you with sorting out the issue.
If there is a link attached, it will direct you to a fake website which mimics your bank’s website. This duplicate website will then ask you to “log in” to your online bank account but will just collect your online bank details such as your username, password, bank account number, and perhaps even your complete name.
If it is instructing you to wait for an “authorized representative,” the seemingly legitimate and professional scammer on the other end of the line will either ask you to verify your details or re-enter them into the system in an attempt to let you divulge personal information like:
We remind our clients that Metrobank will NOT initiate calls, SMS, emails, or chats to ask for your bank account details.
Common text scams
Some of the common text scams you should know and watch out for include:
What to do
If you receive any of these types of messages, ask yourself these questions:
Do I have an account with this company, or do I know the person who contacted me? If the answer is no, it is likely a smishing scam. If you do, contact the company yourself using trusted means – call the official hotline, send an email to the official email address, or use the official company website. Never click on the link included in text messages that are unfamiliar to you. These links can install dangerous malware and can steal personal files and information from your device.
Have you made any log in attempts, added any new devices, or changed any passwords? If you have not, again, get in touch with the company yourself. Do not reply to the number or answer any calls.
Did you join a competition and are waiting to be notified of the results? If not, then it is a scam.
Keep a close eye on your bank accounts. Make a habit of regularly checking your online bank accounts and credit card accounts for any fraudulent purchases or suspicious activity. Even a small transaction, such as a P0.50 payment, that you do not recognize could be a red flag for a possible larger fraud scheme.
Be wary of the caller ID. Some fraudsters make use of what is called spoofing to mask their own numbers and mimic one of a legitimate company, like your bank or telco. Even if it seems like it is your bank asking you to update your information or give your OTP to a representative, NEVER EVER share your private information. Again, Metrobank will NOT initiate calls, SMS, emails, or chats to ask for your bank account details.
Report fraudulent text messages. If you suspect you’ve been a victim of fraud, call us immediately and report the fraud incident to (02) 88-700-700 or 1-800-1888-5775. You can also email us at firstname.lastname@example.org using “Report on Possible Fraud” as the subject.
Help us #FightFraud
Metrobank takes fraud seriously. You can be part of the fight. Browse through our articles and learn more about how we can fight fraud together.