Many of the scams we see at the Division of Information Technology (DoIT) are coming from emails but scammers do not only use emails to try and scam users out of their personal and financial information. Scammers will also send fake text messages with the same goal.
Just like with phishing and scam emails there are many red flags that you can look out for to help spot and avoid spam and phishing text messages. Here are some red flags:
Unusually long numbers. Most legit SMS marketing messages will come from a 6-digit code (like 116735) and not a normal 10 or 11 digit number.
The text comes from a sketchy email address. Not only should you look out for weird phone numbers but if the text is coming from a weird email that you have no relation to this a sign that it is a scam.
A sense of urgency. Just like with phishing emails, texting scams will try to trick you into thinking it is an emergency with a sense of urgency. For example calming a family emergency like that your relative needs bail.
The message seems irrelevant to you. If you receive a message that just does not make any sense like winning a contest or unrelated activities to a business this is a red flag that it could be a scam.
The text has poor grammar and misspellings. Just like with any type of scam this is always one of the biggest red flags to look out.
Contains a link. Never click on any links or download anything from any unsolicited texts or emails. This is how malicious softwares can end up on users' devices.
Too good to be true. Scammers have been known to offer fake free gifts like prizes, coupons, credit cards or even offering to pay for things like your student debt.
Here are some examples of what a text messaging scam might look like:
Claiming that they have noticed some suspicious activity on your account.
Claims there’s a problem with your payment information.
Sends a fake invoice and tells you to contact them if you didn’t authorize the purchase.
Send you a fake package delivery notification.
Claims that someone is in crisis and needs your help like a close family member or friend.
One DoIT had reported was an insurance scam. More information can be found here https://itsecurity.umbc.edu/critical/?id=101261
For blocking a number,your phone might have an option to block the user or block any messages from unknown senders or spam. Messaging apps and phone providers might also have the same abilities to block users and spam.
For reporting a message the FTC has a few steps you can follow:
If you get an unwanted text message you can report it to the message app that you are using (for example WhatsApp).
You can also copy the message and forward to 7726 (SPAM).
Finally you can report it to the FTC at https://reportfraud.ftc.gov/.
What to do now?
If provided any banking or financial information, please notify your bank or financial institution immediately. If you have been sent a check, you should not attempt to cash or deposit it. If you have deposited a check already, please contact your bank and tell them that it may be part of a scam.
If you think you have been sent a scam please report it to security@umbc.edu and if any part of the scam was through emails please provide full email headers as well. We will also keep track of any other information you submit about the scammers, such as their phone numbers. If you were sent a check or other materials, please send pictures of it and the envelope they came in.
For more information from usa.gov please visit:
https://www.consumer.ftc.gov/articles/how-recognize-and-report-spam-text-messages
https://www.zipwhip.com/blog/how-to-identify-a-text-scam/
https://simpletexting.com/how-to-identify-a-text-scam/
How do I forward full email headers?
https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970
To read more articles published by DoIT Security please visit: