Lesley-Ann Thompson’s cell phone buzzed the other week with a text message telling her she had won a $1,000 gift card from Best Buy.
“It said my entry had won, and I knew I hadn’t entered anything,” said Thompson, who was sharing late-morning conversation with a friend at Alon’s Bakery and Market in Dunwoody.
Best Buy had nothing to do with the text message, the contest or the alleged gift card. The whole thing was a fraud, as confirmed by Thompson’s fiance. He searched online and discovered a list of responses from people that said they had received a similar message on their mobile phones.
“It didn’t surprise me, actually,” Thompson said.
But some consumers may be lured in by what seems like free money. They open an attached link or call the number included in the message. After following a few prompts, someone has their financial or personal information as well as the ability to steal money from them.
As more people buy Smartphones, the opportunity for scams becomes more attractive. Mobile phone consumers received 1.5 billion text spam messages in 2008, for example. In 2011, that figure shot up to 4.5 billion text spam messages, according to Ferris Research, a market research firm that tracks mobile spam.
While striking, those numbers are significantly less than one percent of all text messages that go out, said Lance Skelly, spokesman for Atlanta-based AT&T Mobility, the nation's No. 2 wireless carrier.
Text spamming is illegal, but that’s not stopping spammers, who typically start by sending out tens of thousands of messages at once. Most use a computer to generate millions of mobile phone number combinations, hoping even a fraction of those numbers are working and that someone will respond.
Skelly at AT&T Mobility warned of recent scams such as one that emerged after Hurricane Isaac. Customers reported receiving text spam messages saying they had qualified for public assistance to recover from storm damage.
“Most people would probably figure out it’s not a legitimate website,” he said. “Sometimes these messages prey on people who are having a hard time and who are in a real need.”
Mobile phone companies are trying to fight back with a combination of internal security measures and by asking customers to aggressively report spam messages to their wireless carrier.
Security company Cloudmark created a spam messaging reporting service that nation’s major wireless carriers agreed earlier this year to start using. Now, customers of AT&T Mobility, Verizon Wireless, T-Mobile, Sprint and others can forward their text spam message to 7726. The mobile phone carrier will ask customers for the phone number that’s linked to the spam message so they and Cloudmark can start investigating.
“Whenever [a spam message] comes to you, it doesn’t mean you shouldn’t say anything to anybody,” said Jeff Blyskal, a senior editor at Consumer Reports magazine.
Two federal laws ban text spam in most instances. A few cases have made it to the courts. Last year the Federal Trade Commission settled a case against an alleged spammer accused of sending unsolicited commercial messages pitching mortgage modification services to consumers. The man also was accused of misrepresenting that he was affiliated with a government agency.
Christine Todaro, an attorney with the FTC, said customer complaints were “pivotal” in prosecuting the case. The man was banned from sending future text messages as part of the settlement reached.
Not every text message from a retailer, mobile phone company or service provider is spam. But companies are prohibited by federal law from sending out messages unless a customer gives an “OK,” which is usually by signing up online or in a store.
“If something doesn’t look right, look into it,” said Kate Jay, an Atlanta-area spokeswoman for Verizon Wireless.
If a message instructs you to type “STOP,” saying you won’t get any more texts, the opposite is true. Sending “STOP” only confirms that the mobile phone number is a working one. At the very least, ignore the text spam message, though experts point out that doesn’t help track down the source.
Customers who are attached to their Smartphones, frequently making sure they haven’t missed a text message, phone call or email, become a captive audience for spammers. If a consumer gets a text message purporting to be from a store they frequent or from their bank, they are more likely to think the message is a valid one. This means the chances of that person responding to the spam message have gone up significantly.
“That’s the common misperception: people think that this is targeted to them personally. That someone has their number, and that it’s really meant for them,” said Mary Landesman, senior security researcher at Cloudmark, a San Fransisco-based firm that provides messaging security for major wireless carriers.
Going to the website to redeem that too good to be true offer or calling the number listed in the text spam message to what you think is your bank may seem innocent enough. But then customers are asked to give their account login and password. Or, they could be asked to hand over credit card information, the card’s security code and their social security number.
“And so now you’re giving some stranger your username and password to your bank information, and then they can log in and do whatever they want,” said Blyskal at Consumer Reports.
In cases where customers willingly give up their credit card and other personal and financial information, those numbers end up being sold to other cybercriminals.
For customers who have limited data plans or who are charged per text message, receiving several text spam messages a month can be costly. Spam messages that include audio, videos or photos can cost even more for customers who don’t have data plans.
[Text spam] is illegal for a reason, it costs people money,” Skelly at AT&T Mobility said.
About the Author