Pads For Students - The Location For Student House Rentals

Blog

Students Warned Over "Smishing" Attacks

Phishing – one of the internet’s oldest scams – is no longer limited to Nigerian princes or Winnie Mandela emailing you for bank details. The stringent screens your email servers use means scammers are turning to other methods to extort money from people. One of these is called “smishing”. Using this method, scammers are contacting tech-savvy millennials. In many cases, that will put students on the frontline of their fraudulent activities.

What is Smishing?

The word “smishing” is a portmanteau of “SMS” and “phishing”. Simply, these people are contacting victims through their mobile phones – typically through text messaging but also phoning direct. They pretend to be their bank and ask for security details. They will then use this information to access the victim’s bank account, take their money or apply for loans, credit cards and other financial services.

 

Using More Sophisticated Methods

Just before Christmas, one student lost over £5,000 through this type of scam. The biology student received a text message, seemingly in her bank text message thread, asking her to confirm a £999 transaction. She had not made a transaction of that value and immediately phoned the number in the message. Sadly, it wasn’t her bank and she revealed her full security details. The fraudster withdrew £5,400. Subsequently, her bank (Co-Operative) refused to reimburse the money as she’d handed over her full security information to the fraudsters.

She was adamant that the scammers contacted her through the same number as her bank, something that a male student elsewhere experienced. He claimed the scammers knew exactly what he had been spending money on over the last few weeks. They’d removed £500 per day before putting a stop to it and had applied for a £20,000 loan. His bank (NatWest) did reimburse the lost money. In both cases, the Uber data breach was recognised as a potential cause.

 

Some Simple Checks

The evidence suggests scammers are deliberately targeting tech-savvy students in appealing to legitimacy. As we get wise to their existing methods, so do they in coming up with new ways to scam you. Do everything you can to protect yourself.

  • If you don’t recognise the phone number, type it into a search engine. If it has come from your bank, the top search engine result will be your bank
  • Banks are increasingly not putting their phone number in text messages. Instead, they ask you to “visit our website for our customer service phone number. Choose option 1 on the menu” or recommend you use their web chat on the website
  • Banks will ask for one or two characters from your password and one or two from your PIN. Never supply all your security details in any phone call
  • Don’t click links, at all. Banks are unlikely to provide direct links. Instead, they will ask you to log into your web account or mobile app