The steady evolution of mobile technology has opened up many opportunities to increase productivity, stay connected with friends and family, find entertainment and stay informed on the latest news. However, these benefits come with a cost: they represent new ways for identity thieves to gain access to your personal information through phone scams.

Though there will always be some risk when connecting your smartphone or tablet to services, you shouldn’t have to completely give up these amazing conveniences to protect your privacy. When you educate yourself about common mobile phone scams, you’ll be able to spot nefarious attempts to steal your data and take action against thieves.

Here are three ways scammers may attempt to steal your personal information and how to avoid them:

1. Robocalls

This scenario is probably familiar to you: Your phone rings with an unrecognized number. The area code is local, so you answer the call. Maybe a friend or family member got a new number, you think. But when you answer, you’re met with a few seconds of silence. Eventually, someone begins talking. Sometimes they claim that you called them and they want to know your name. Other times, they ask about the virus protection on your computer.

These are robocalls, and they’re getting worse and worse every year. In fact, the YouMail Robocall Index found that over 47.8 billion robocalls were made in the U.S. in 2018, a 56.8% increase over the previous year.

“It’s astonishing how many robocalls were made nationwide in 2018,” said YouMail CEO Alex Quilici. “We’re now talking about 150 or more robocalls for every adult in the U.S. over the course of the year, and many of these robocallers are unwanted scammers trying to trick people out of their money or personal data.”

Scammers use auto-dialers and spoofed area codes to trick people into picking up the phone. From there, it’s a numbers game. The scammers want to get as much personal information from the call recipient as possible. That can include anything from names and birth dates to credit card numbers.

How to protect yourself:

• Don’t answer calls from unknown numbers. Even if you pick up the phone and hang up immediately, the scammers will know your number is active and keep calling. By letting your phone ring until the call ends, scammers will assume your number is inactive.
• Sign up for the Do Not Call Registry. This will only limit legal telemarketing calls, but every little bit counts.
• Never give your information to someone you don’t know. Companies won’t call you to ask for your personal information. If you didn’t initiate the contact, don’t give away any of your information.

Fortunately, Congress and the FCC are pushing initiatives to clamp down on robocalls, but until then, it’s best to do your part and work to avoid answering calls from numbers that you do not know.

2. SMS phishing

SMS phishing is a criminal technique that uses text messaging as a channel for social engineering to gain someone’s personal information. In this case, social engineering refers to psychological manipulation, like the tricks con artists use to steal from unsuspecting marks.

In this type of scam, a fraudster sends out ‘bait’ over an SMS shortcode. A shortcode is a 5-digit phone number. You might have seen them on TV: “Text HEART to 55555 to donate $5!”

The bait is typically something that will set off a psychological impulse in the receiver. For example, a common SMS phishing scam tells people they’ve just won a large cash prize. The receiver just needs to send some personal information to “verify” their identity. Of course, there is no cash prize. Some scammers will even pretend to represent charities and try to solicit “donations” from unsuspecting-yet-good-natured people.

How to protect yourself:

• Be wary of unfamiliar numbers, especially if they appear in short-code format. Generally, you won’t receive messages from shortcodes unless you’ve given an organization explicit permission to send you marketing messages.
• Check the authenticity of shortcodes via the S. Short Code Directory.

3. Phony cell-phone accounts

If someone steals your smartphone, they may be able to access sensitive information within your apps, change your account preferences and even gain access to your financial assets. But what if scammers didn’t need to steal your phone to do all that? That’s exactly what phone hijacking is, and about 340,000 individuals fell victim to this type of scam in 2017 alone.

Here’s how it works: A fraudster finds information about a person online such as their name, phone number and physical address. Once they have enough information, they visit a phone carrier store and upgrade the victim’s account to a brand new phone. The carrier transfers all of the information to the new phone and the scammer walks away. Meanwhile, the victim’s phone is completely deactivated.

It may take several hours for the actual owner of the phone to realize something is wrong and take action to remedy the situation. For instance, if their phone is connected to Wi-Fi, they may not notice they’re not connected to a mobile network until they are no longer on a Wi-Fi network.

How to protect yourself:

• Get a PIN for your phone account. You can call your service provider and request that a PIN be required for any changes made to your account. If a fraudster does attempt this scam, they’ll be challenged with a PIN request and stopped cold.
• Keep your personal information off social media. Sites like Facebook are where most scammers obtain the basic information they need to masquerade as their victims.

Your mobile phone is just one entry point for fraudsters who want access to your personal information. To learn more about protecting yourself and your financial assets, check out our educational resources today.