top of page

How We Allow Criminals to Break Into Our Phones




We use our phones for everything these days — and scammers are well aware of this.


Recently scammers have developed a way to use SMS text messages to break into our phones and log into our various online accounts, steal our personal information and take our savings.


The biggest issue with these scam SMS text messages is how easy it is for them to appear to be sent from reputable companies, seem innocent and even useful. But they could be incredibly dangerous.


We have identified several of these text message scams and want to spread the word so that we can stay better protected.



Types of Scam Text Messages:


Apple/iCloud Text Message scam

  • This is a more recent scam trend coming over SMS.


  • They aim to trick iPhone users into giving up their password that they use to get into their Apple account – and, once hackers have access to that, then they can easily get your bank account details and even have access to your location.


  • Scammers do this by pretending to be Apple and claiming that the user’s iCloud account has been deactivated, asking them to head to the website and re-enter their personal details: "To reactivate your account confirm your details here".


  • The text links to a fake Apple login page that asks for an Apple ID and password.


  • Because the messages being sent use the user’s name, many people are falling for the scam. so that users send them details and because they are done through the very personal but notoriously sketchy technology of SMS, they can be easy to spot.





Two-factor authentication text message scam:

  • Another type of text scam attempts to get around the two-factor authentication that many online accounts now have built in


  • Two-factor authentication works by attaching a phone number to a person’s account so that when they try to log-in, it will send a unique code to that phone number. This code then has to be typed into the website in order to successfully log in.

  • Two-factor authentication helps to prevent people from stealing passwords and breaking into accounts, because it requires physical access to the phone; and that’s why people are now trying to get around it with scams.




  • In this example text message (pictured above) you can see that the message appears to be from Google and claims that their account may have been hacked. If they want to have it shut down, it says, they need to reply to the message with the 6-digit verification code that they are about to receive.


  • It’s an extremely sneaky way of getting people to put the authentication message that they have received from Google into a text message so that scammers can get through the two factor authentication security.




Bank Account Text Messages:

  • The most alarming new trend is a text message scam going around that appears to be from your own bank.


  • Receiving a text message that appears to be from a major bank like Chase, Bank of America, or Wells Fargo.


  • In the text message they will inform you that there is something wrong or that there's been a fraudulent charge on your account.


  • They also usually send a link or a phone number to resolve the problem with your account (Mark Fetterhoff, AARP 2021).



Package delivery text message scams:

  • Since the beginning of Corona in 2019, a lot of us have grown accustomed to ordering more online rather than shopping in stores. Many of us are familiar with receiving a “track your package” or “your package has been delivered” text message. Unfortunately, these texts have become the perfect way for scammers to hook unsuspecting people in.


  • Scammers have been sending realistic-looking text messages (like the one pictured above) hoping to trick people into entering their personal or financial information, posing as shipping and package delivery services such as FedEx or DHL.


  • Last year, Tom and Freyja Cuff received a fake text message concerning a package collection which eventually caused them to lose their life savings.



What you can do:


Now that you know the signs to look for let’s discuss what you can do when receiving these scam text messages. (According to Norton LifeLock 2021)


  • Don’t reply - Replying to these messages is never a good idea as it lets the scammer know that your phone number is working and genuine. Once they verified your number as legitimate they can go on to sell it to other scammers or spammers who will likely target you with more messages.


  • Don’t give personal details - Spam text messages may lure you into disclosing personal information like how much money you make, how much you owe the bank, your Social Security number, and credit card details. Most legitimate companies do not request personal information like passwords, account details, and other personal details via text messages.


  • Don’t click on links - Clicking on a link in a spam text message could install malware that can collect information from your phone. It can take you to spoof sites that look real but are designed to steal your information. Malware can also slow down your cell phone’s performance by taking up space on your phone’s memory. Once the spammer has your information, it can be sold to marketers or, worse, identity thieves.


Remember that responsible companies are aware of these scams and always have their official contact information listed on their website. Never contact the company using the link or phone number that the message is sent from.


When receiving one of these messages, the best thing to do to validate its legitimacy is to Google the official contact information of the company and contact them directly.



Please share this information to keep others protected from these scams!


Stay safe,


Genie Team


Comments


bottom of page