In late March 2020, the Scandinavian bank Danske released a statement informing the public that a widely shared text message warning of a “smishing” scam (shown above) was itself fraudulent.
“Smishing” is a real term that combines “SMS” (“short messages services” or texting) and “phishing,” which is when thieves try to con people into divulging passwords or other personal or financial information electronically. In other words, smishing is phishing via text.
Danske Bank said the spam text message impersonated the bank and informed consumers to be wary of a non-existent smishing scam in which clicking a link supposedly led to an immediate draw-down of bank account money. Danske’s statement reads:
We’re aware of a rumour currently circulating on WhatsApp, text and social media […] which claims that Danske Bank customers are being targeted by a particular text message (smishing) scam. The content of this message is false. We’re not aware of any message which is specific to, or targeting, our customers.
However, smishing scams are really common. If you receive a message requesting personal information under the pretence of needing to make a payment, do not click on the link or provide the information which is being requested, as it will go straight into the hands of a criminal.
Anyone who has shared information after receiving this type of message should contact us, or their bank immediately.
A similar fraudulent message spread in the United Kingdom via the Facebook-owned messaging platform WhatsApp, claiming that the warning was coming from law enforcement in London. But both City of London Police and Action Fraud, the U.K.’s national cyber fraud reporting agency, confirmed that the information was false.
Action Fraud added in a statement: “It’s important to remember that your bank would never ask you to move money out of your account, or contact you out of the blue and ask for details such as your full banking password or PIN.”