The goal is to trick you into believing that a message has arrived from a trusted person or organization, and then convincing you to take action that gives the attacker exploitable information (like bank account login credentials, for example) or access to your mobile device.
The best way to avoid SMiShing attempts is to never click links or reply to text messages from numbers you don't recognize. This may sound obvious, but oftentimes scammers will urge you to act or respond quickly, so you should stop and think about it before responding to the message. An example of this is the text received below, which claims to be from UHCU, alerting the recipient of a potential suspicious transaction on their account.
UHCU will NEVER ask for the last 8 digits of your card number, the expiration date, or CVV code. Additionally, you will not be asked to provide your login credentials for Online Banking. For more information on security questions, check out our Debit Card Fraud Monitoring article.
If you receive a text like the one above from an unknown number, DO NOT respond. Instead, ask yourself these questions:
- Is the message urgent and requiring me to click on a link or provide account information immediately?
- Have I previously setup this type of notification on my account?
- Does the message sound like it’s from the organization claiming to contact me?
Unfortunately, scammers are becoming more and more savvy with their attacks and consumers have to be as vigilant as possible. As a reminder, United Heritage Credit Union takes these measures very seriously. We are continuously working to update and enhance our security measures to stay on top of the most recent security threats.