Washington State Attorney General Rob McKenna warned consumers about a text-message trap to capture financial information and drain credit card and bank accounts. Such text message scams are called "smishing."
"If you don't wish to be smished, ignore text messages that look like they're coming from your bank or credit card," McKenna said. "Flip over your credit or ATM card and call the number on the back. If there's a problem with your account, that's the best way to find out."
Consumers began contacting the Attorney General's Consumer Protection Division early last week complaining about calls to their cell phones from those posing as Wells Fargo employees. An automated voice suggested that the customer's account has been breached and directed them to "press one" for assistance. They were then connected to a person who asks for sensitive account information.
Many of the calls came to those who don't even have Wells Fargo accounts. As the week progressed, the scam morphed to text messages from those posing as representing Bank of America, Chase, Citibank and Capital One.
"Phishing" scams trick consumers into turning over account numbers, PINs, credit card security codes, usernames, passwords and other sensitive information. "Smishing" is a similar scam launched over SMS (Short Message Service) messages -- better known as text messages.
Scammers have long phished by phone and email. The text scam is a somewhat new variation. The Attorney General's Office recommends that consumers never respond to any message requesting account or personal information. Instead, contact the institution using a phone number from a statement or from your bank or credit card company's official Web site.
Phishing and smishing are criminal acts that the state Attorney General's Office lacks authority to investigate. Consumers contacted by such scammers should file a complaint with the FTC: http://www.ftc.gov/ftc/contact.shtm. Federal law enforcement monitors complaints filed through the FTC.
Consumers concerned they may have revealed sensitive information in a phishing or smishing scam should contact their bank or credit card company, if applicable, and monitor their bank statements, credit card bills and credit reports to watch for suspicious activity.