SMiShing

What is SMiShing?

“SMiShing” is really just another form of Phishing, and occurs when a fraudster sends you a SMS/text message asking you to provide sensitive, personal, and/or financial information via a web link and false website, or a telephone number. The messages could appear to be from T-Mobile, or from some other entity you do business with. Please note that T-Mobile will never ask you to “confirm” or “verify” your sensitive personal information in an unsolicited SMS text message. While we generally need account verification information when you contact us, we will not request such information when contacting you.

The most common examples of SmiShing occur when fraudsters send text messages posing as a customer’s financial institution or other business that might have access to sensitive personal information. The message often attempt to alarm the customer. It may threaten dire consequence if you don't respond immediately. The message may direct you to a toll-free number or website that looks just like a legitimate institution’s number, but in fact it is not. Once you have called the number or clicked on the email link, they may ask you to “verify” (give them ) your sensitive information such as credit card number account number and expiration date; your Social Security Number, Bank Account Number and pass code, etc.

Examples of fraudulent SMiShing messages:

• Credit Union N.A. Please call us immediately at 1-888-xxx-xxxx regarding a recent restriction placed on your account. Thank you.
• Alert!! Honolulu City & County Employees has limited your account pending verifications. Contact us NOW at 213-xxx-xxxx.

Steps to Take

If you receive a text message that asks for sensitive information:

• Do not reply to the message.
• Do not click on any of the links that may be embedded in the message.
• Contact T-Mobile’s Privacy Team at privacy@T-Mobile.com and forward a copy of the e-mail so that we may investigate it. If our company name or brand is used in efforts to fraudulently obtain personal information, we will work aggressively to halt those activities.
• Contact your bank, financial institution, or other entity you do business with directly to determine if they sent you a legitimate request.

If you believe that you have been a victim of a SMiShing scam, you should file a complaint at http://www.ftc.gov, and then visit the FTC Identity Theft Web site at http://www.ftc.gov/idtheft to learn how to minimize your risk of damage from identity theft.

SMS Spam

What is SMS spam?

SMS spam is any unwanted or unsolicited text message sent indiscriminately to your mobile phone, often for commercial purposes. It can take the form of a simple message, a link to a number to call or text, a link to a website for more information or a link to a website to download an application.

What should I do if I receive spam text messages on my wireless phone?

T-Mobile is committed to fighting mobile spam and encourages our customers to report unsolicited messages to us for investigation. If you receive an unsolicited message please forward it to the Spam Reporting Service following the three simple steps below:

• 1. Forward the message to 7726 (which spells “SPAM” on most phone keypads). Please don’t edit the message or add any comments.
• 2. We will reply to your message with an SMS confirming we have received it and asking you to send us the number of the original sender.
• 3. Please send us the telephone number of the person who sent the spam. We will use this information to help identify who is sending spam and take appropriate action.

By reporting SMS spam, you are helping us identify spammers and the messages they send. There is no charge to report mobile spam. Messages forwarded to 7726 do not count toward your plan.