Norwich Police Warn About SMISHING
You know about “phishing” scams, when the fraudster uses email to steal valuable information such as credit card and Social Security numbers, user IDs, and passwords. See PHISHING WARNING from the Norwich Police.
Today, the Norwich Police Department issued a warning today about “smishing”, when the scammer uses text messaging instead. Smishing = SMS phISHING. Be wary too of “vishing” (Voice phISHING), the telephone counterpart to phishing.
I am reminded of the warning provided long ago by a street poet in NYC: not all pirates wear eye patches.
Here is message from Chief Robinson:
This was sent from the VERMONT STATE IT DEPARTMENT about “SMISHING”
Sounds silly doesn’t it? It’s actually a growing area of concern, and I bet you’ve already gotten at least one!
In the past, I’ve shared with you a document on red flags that indicated you are being phished. That document pointed out ways you could tell the email was a fake. But what if it’s a text?
Some things to know. Most banks will NOT send you a text message as they don’t want people to fall for scams like that! Check with your specific bank to find out! For example, VSECU may call you if there is a problem with your account, but will not send you a text. If you receive a text telling you to provide your password as something has gone wrong, it’s likely a phishing attempt. Call the bank, do not respond to the text.
Here are some general tips about SMS phishing or smishing …
Beware of messages that come from the number "5000"
Does the text make you afraid that something bad will happen if you don’t react right away? Don’t react! DELETE
Don’t be afraid to do a little research and verifying the source. This might mean calling your bank and checking that they sent it.
This scam is actually quite clever, but it’s setting you up so your Gmail account could be taken over. What is actually happening is that the bad guy has requested a password change on the account. That request sends a code to the real account owner to verify that they actually want the password changed, and when the victim sends the code back, the bad guys change the password and now have access to the account. Gmail would never ask if you DON’T want something done to your account. So if you didn’t ask for a password reset, you should not be asked about one.
Always be suspicious!
Chief Douglas A. Robinson
Norwich Police Department
10 Hazen Street / P.O. Box 311
Norwich, Vermont 05055