A new security risk has crept into the world of online shopping, and it combines the trickery of phishing scams with the ease and availability of text messages.
Called "smishing" the scam is a nefarious update to the traditional phishing hoax ; rather than sending the phishing bait — a legitimate-looking offer from a supposedly trusted source such as a bank — through e-mail, the message is sent via SMS (text). The victim is told in the text that an urgent bank matter needs to be discussed; the text instructs the recipient to call a toll-free number and provide their account number and password to a fake automated voice-response system.
Because most people are more apt to trust text messages than suspicious-looking emails, smishing provides malware perpetrators another vector for attack, according to Smart Shop Magazine. With a high number of gift purchases made online, security experts expect to see smishing scams rise during the holiday shopping season.
Security experts advise people to be wary of text messages claiming to contain important information about bank account and to call the bank rather than the 800 number mentioned in the text message.