There’s a new word you need to learn: smishing. And you need to protect yourself from it!

The occasion of email phishing scams is so frequent, we should be very conscious of these criminal efforts. Do you studiously review emails from trusted relationships to be certain they are legitimate before responding? Perhaps our diligence is frustrating the criminals because there is now an increase of scams using text messages—enough so that Schwab has sent us an alert about this issue.

Phishing scams using text or SMS messages are referred to as smishing. In a smishing scam, you would receive fraudulent text or SMS messages that appear to be from a legitimate source such as Schwab or another financial provider. The fraudulent text attempts to lure you to provide your account credentials. You are led to believe, as an example, that your credit card has been blocked and includes a hyperlink to take action. The link goes to a fake website requesting you enter your account credentials, which fraudsters in turn can then use to gain access to your account.

Please be extra cautious when responding to texts or emails from unknown sources, including clicking attachments and links. In general, take these approaches while reviewing suspicious texts:

  • Don’t respond to the text. Instead, navigate directly to the financial provider’s website or use an authorized mobile app when accessing your accounts. If there is indeed an urgent need to take action on your account, the alert will be on the provider’s website.
  • If you have received a fraudulent text and have NOT acted on the text, you can safely ignore the text and delete it.
  • If you have clicked on the hyperlink and supplied any credentials, we strongly encourage you to immediately contact your financial provider and change your login and password for all your financial providers and email accounts.
  • When accessing any website which has your personal data, confirm you are accessing a secure website. Secure websites begin with https and not http. They are denoted with a padlock icon as well.
  • Alert your financial institution as to the existence of the smishing text. They should want to know and will work to have all such fraudulent linked websites taken down.

Please call us if you have any questions about the cybersecurity of your investment accounts.