It may be that, due to bad luck or lack of attention, you come across that you have opened a suspicious SMS and now you are wondering what to do. Unfortunately, you are not the only person who has had to face these situations, as more and more scammers and hackers are using these messages to sneak into our devices.
It is curious, because with the arrival of WhatsApp and other instant messaging applications the use of SMS had become a thing of the past. However, at present they are a contact channel that the different public administrations frequently use to address citizens and also many companies (banks, telephone operators, parcel companies, etc.) to communicate with their customers. Criminals know this, and try to take advantage of it.
The most typical example is the SMS from the bank in which we are alerted to a strange movement in our account and asks us to click on a link where we can enter our data to resolve the issue. It is the sadly famous smishing (Phishing by text message). Another typical case is that of a false notice of delivery or loss of a package, now that online purchases are already a widespread habit.
It must be said that, in most cases, it is easy detect if we have received a fraudulent SMS. When we receive notices from banks in which we do not have an account, or about packages that we have not ordered. Something that also makes us mistrust is the bad writing, often with misspellings, of the SMS texts that arrive to us. Something inappropriate for administrations or serious companies.
But sometimes the "bad guys" are really sneaky and know how to impersonate senders. Or they just catch us off guard. That's when we fall into his trap. If we find out in time, we can still fix the bug.
What risks do we face?
The consequences of having opened a suspicious SMS can be very varied. In many cases, nothing happens because the scammer has not known or has not been able to use the sensitive information that we have inadvertently put on a tray. It may also be that nothing bad happens because we have achieved react in time, as we explain later.
However, many other times we can be victims of compromising data theft, such as our bank credentials or the credentials of our accounts on social networks and other online services. All of this, obviously, can lead to very serious situations.
Obviously, the ideal is that we should always be prudent and even somewhat suspicious when it comes to responding to this type of message. But when the damage is already done, that's no use anymore. Despite everything, still there are some actions we can take to avoid greater evils.
¿Qué se puede hacer?
If we have opened a suspicious SMS and have clicked on any of the links it includes, this is what we should do:
- The first and most urgent thing is immediately disconnect our mobile from the Internet (both WiFi and mobile data), to leave it isolated and, for the moment, inaccessible to criminals.
- Next we must check installed apps on our device in search of one that has been installed recently or that we do not remember having installed ourselves. It is possible that it is some spyware that we must uninstall as soon as possible.
- Sometimes uninstalling those apps is either so easy or it can't be completed at all. In that case, it is best to restore equipment to its factory settings.*
- If we are sure that a data theft has occurred, it is necessary file a virtual complaint by Phishing before the National Police.
- We also have to call our bank to unsubscribe our bank cards, change the password for online banking and, in general, for all the online services that we regularly access over the phone.
(*) Before doing so, it is advisable to take some screenshots as evidence when filing a complaint.
Unfortunately, the actions that a bank can take when this type of fraud occurs are limited in scope: if someone has used our card to make a purchase, there are possibilities of recovering the money; if a transfer has been made to another bank, recovery will largely depend on the destination bank. The important thing is to inform the bank as soon as possible and explain well what has happened.
Prevent better than sorry
But the best antidote against suspicious or fraudulent SMS is be always alert. We will not be able to avoid receiving them, but it is in our hands to apply common sense, ignoring and deleting these SMS. For example, if we receive an alleged message from our bank requiring immediate action ("click the link" or "enter your security code"), it is better to act coldly and call the bank office to clarify the matter.