Don’t be like me. Don’t be dumb.
I feel like a fool. After years of occasionally writing articles about scams and fraud, I fell for a simple phishing scam on my cell phone. I gave up my debit card information to a scammer — possibly one based in the tiny European nation of Montenegro .
It happened like this: Two days after I mailed a package, I got a text message saying the package was undeliverable. A link took me to an official-looking Postal Service website where I was prompted to enter a card number to “re-mail ” the package.
I typed in my personal financial information, even though in retrospect I obviously should have known better.
This experience left me with two burning questions:
- How did these scammers know I had sent a package in the mail?
- Is this something that other people should be worried about? How should they handle it?
So I spoke with a bunch of online security experts. They disagreed about whether the scammers actually knew I had mailed a package.
But they all agreed on one thing: This kind of phone texting scam is becoming increasingly common. People need to watch out, the experts say, because the problem is only likely to get worse.
How the Scam Worked
This was a classic phishing attack.
“Phishing” is when someone poses as a reputable company or organization to get your personal information. They might pretend to be from your bank, or the government or a business you’ve dealt with before. They might ask you for your bank account number , Social Security number, passwords and other information that legitimate companies never ask for.
Here’s how the attack on me unfolded:
I recently mailed a package via the US Postal Service. The important thing to know here is that I almost never do this. I rarely mail packages to people, but this was a special occasion.
Only two days…