What is SMiShing?

What is SMiShing?

SMS + Phishing = SMiShing, a form of malicious spam that attempts to steal personal information through text messages. These attacks can be designed to look like they come from a bank or credit card company. They often prey on a user’s fears- that their debit card has been compromised, that their personal information is in danger, or that their phone has been infected. The attackers usually offer help if you click a hyperlink to a spoofed webpage or reply by text message.

Great Southern Bank will never ask for personal information in the form of a text message

The smishing message usually contains something that wants your “immediate attention.” A popular example is “(Name of a financial institution): Your account has been suspended. Call ###-###-#### immediately to reactivate.” 

The 'hook' will be a legitimate looking web site or telephone voice response system that asks you to 'confirm' (enter) your personal financial information, such as your credit/debit card number, CVV code (on the back of your credit/debit card), your debit card PIN, Social Security number, and other details.

Once you provide this information there is no way to get it back. You are now the victim of identity theft.

What can you do to stay safe?

To protect yourself from these kinds of scams, the best tool at your disposal is education. Here are some tips that will teach you what to look for, how to react, and what to do if you feel your identity has been compromised from a SMiShing attempt.

  • Never share your private information (password, PIN, etc.) with anyone.
    Make sure you are positive you are speaking with Great Southern Bank before discussing your account information.

  • Review your bank's and credit card company's policy on sending text messages
    Great Southern Bank will never ask for personal information in the form of a text message or email. If you get a questionable text or email from us, call Customer Service at (800) 749-7113

  • Verify the source of anything you suspect is "phishy"
    Call a phone number that you know for the message at hand. If they sent the message, someone there will know the contents and details of the message and be able to assist you with good information.

  • Do not reply to the message
    Whether it is an SMS message or an email, replying only verifies that the scammers have reached a live person and they may use your information in future attacks.

  • Do not click any links from sources you cannot verify
    If you are not sure whether a link is valid, contact the supposed source using a phone number you know to be valid to see if they know about the text message.

  • Save your bank’s short-code (the 5-digit number used to send texts) to your contact list
    Give the short code an alternate name so you can recognize any incoming messages right away. The more obscure, the better. For example, instead of Great Southern Bank, you could name your contact “Joan’s Bank” or something unrelated like “Aunt Sally”. This will help distinguish the real messages from forged caller IDs or unsolicited messages.

  • If you suspect that you are being phished or think there is an issue with your account, call Great Southern Bank directly at a trusted phone number
    Great Southern Bank Customer Service is here to help you at (800) 749-7113, Mon-Fri 8 a.m. – 7 p.m. CT, and Sat 8 a.m. – 6 p.m. CT