Have you been receiving more SMS messages from random numbers amid the pandemic? Most of the time, these texts come with links, too, and you should think twice before tapping on any of these.
These links are seemingly legit, with some of them using names like Lazada's in their URL, and are meant to trick you to click on them. But these links could potentially be harmful, leading users to fraudulent sites to steal personal data and become victims of phishing.
This type of phishing attack, in particular, is called "smishing" and the National Privacy Commission (NPC) said that they've been receiving reports of it recently allegedly due to people sharing their contact information in COVID-19 contact tracing and health declaration forms.
Smishing scenarios include links involving activation for a Facebook dummy account or online shopping/delivery tracking—anything that could prompt you to share personal data such as your name, address, and banking details.
Keep your data safe
To help the public from falling prey to these phishing attacks, the NPC shared some privacy practices against smishing.
- Don't click on links for services you did not sign up for.
- Be cautious with shortened URLs.
- Be wary of sharing your personal or financial information online. Check to see if the site is legit by reading the full URL. Usually, malicious links that seem legit are misspelled by one letter.
- Don't open in-app links and disable link previews in your SMS app.
- Block or report the number that sent you the malicious link.
How to block messages on iOS
- Open Messages and pick a conversation.
- Tap on the number in the top section and choose Info.
- Pick Block this Caller.
You can also filter messages on iOS from unknown senders by going into Settings > Messages and toggle Filter Uknown Senders.
“One of the best ways users can arm themselves against smishing attacks is to be aware of this kind of manipulation," said Privacy Commissioner Raymund Liboro.
"Scrutinize the text messages you receive, especially if they come from an unknown number and request information about you. Be skeptical and don’t assume that every message you receive is genuine."