Texts and phone calls can be used maliciously to facilitate theft and fraud. “Vishing” calls (voice phishing) try to alarm you into making payments or providing important financial information. “Smishing” texts (text scams) may encourage you to click on malicious links, activating trojan viruses that can steal passwords and other high-value data.
Many vishing campaigns are high volume, using auto-dial and broadband calling to contact thousands of potential victims per hour. They try to drive fear-based responses: for example, a common scam is a false bank call-back service that pretends to alert you to bank account fraud and then requests detailed card information on response.
Attackers can also take a more targeted approach, such as by impersonating a senior employee requiring urgent assistance. They may seem to be in a rush and will take control of the conversation as they pressure you to provide sensitive information or forward funds to a specific account.
Smishing has begun to overtake vishing in popularity. Smishing texts typically request urgent action, which often means clicking on a malicious link that in turn enables data theft. Spam filters stop many phishing emails from reaching inboxes, but no mainstream solution yet exists to prevent texts from reaching their intended target.