The Federal Trade Commission (FTC) is warning of a new identity theft scam that attacks you through text messages on smart-phones. While the scam is dangerous, the defense is simple, according to the FTC, "Don't text back."
The scarily convincing scam works like this: You get an unexpected text message informing you that your email account has been hacked into and deactivated "for your protection." The message will tell you to reply or "text back" in order to reactivate your account.
Here is an example of one of the scam texts:
User #25384: Your Gmail profile has been compromised. Text back SENDNOW in order to reactivate your account.
Don't do it, advises the FTC, warning that the messages are really trying to take advantage of security weaknesses in your smart-phone or other online devices in order to steal your personal information.
How to Handle This
Do not reply or text back to messages like that because, "Legitimate companies won't ask you to verify your identity through unsecure channels, like text or email, " warns the FTC.
Do not click on any links that might be included in the message. The links may install malware on your device and take you to spoofing or phishing websites that will try to get you to provide your personal information.
Do report the suspect message to your cell phone service carrier's spam/scam text reporting number. AT&T, T-Mobile, Verizon, Sprint and Bell customers can forward the text message free of charge to 7726 (SPAM).
If your email account ever is really hacked, chances are you'll know it. But what can you do about it? The FTC offers a great article, "Hacked Email," that explains the telltale signs of a hacked email account and how to fix it safely.