Text scams use similar tactics to email scams, where criminals impersonate legitimate companies to gain personal or financial information in order to steal from their intended victims.
Text-based phishing, sometimes called smishing or SMS phishing, is more dangerous than email-based phishing, as it exploits:
- People's tendency to treat text messages with a sense of urgency.
- Few phones have spam and phishing filters on inbound text messages.
- It's difficult on smartphones to check the validity of links before clicking.
How to spot a Text Scam
Text scams can be difficult to spot, particularly if the messages are sent by an organisation who would normally contact you by text. But, like email scams, there are some tell-tale signs. For example, there may be spelling mistakes, or the message may be sent from a different number than previous messages received from the same organisation, or from an overseas number.
Stop and think. Is this for real?
Be wary of any text message you're sent that requires you to react by clicking a link or making a phone call.
Never click any links in texts from your bank. If in doubt, go directly to the website and login as normal. If there really is a problem you’ll have a message on the website telling you what to do.
If there’s a number for you to call, check it matches with the one advertised online or on official documents you've received. And if you're asked for personal or financial information hang up immediately.
We recommend reporting any instances of suspected text scam to your telecommunications provider, so they can investigate the matter and block the number if necessary.
More information can be found on the Consumer Protection website, including a list of agencies who can help if you think you've been a victim of a scam.