We have been alerted to an active phishing text (smishing) campaign in which clients receive a text message from an international number that mentions a disbursement from the client’s account. The message then asks the recipient to click on a link and log into their account to verify the transaction. Please review the red flags below to help you identify whether a text is a phishing attempt:
- The texts are coming from different international phone numbers.
- The texts notify that an ACH was debited from your Schwab account, typically in the thousands of dollars.
- The text then instructs you to cancel the disbursement if you did not request it, by replying “Y” and clicking on the link provided.
- The link’s URL is a variation of a spoofed Schwab domain. For example, https://schwbba.com, https://schwabd.com, https://schwbab.com, etc. (note the misspellings).
Be aware:
- Schwab does not notify clients via text message about completed transactions.
- Schwab does not send out text messages from international numbers.
Keep in mind: Unlike many other attacks, smishing isn’t necessarily an indication that you have been compromised—the attackers send a message to a large number of randomly chosen phone numbers, hoping some of those people will respond.
Steps to follow if you suspect smishing:
- Take a screenshot of the text and forward it to [email protected] (Make sure the phone number is visible).
- Delete the text message.
- Add security measures to your Schwab accounts, such as two-factor authentication and verbal passwords.
- Report suspicious or fraudulent activity in your accounts as soon as possible, including if you entered your Schwab credentials into a fake website.
Note: If you have clicked on the phishing link, run an anti-virus and anti-malware scan on your device.
Ways you can protect yourself:
- Do not click on links or attachments included in a text message.
- Slow down if a message is urgent. Urgent account updates and limited-time offers are red flags of possible smishing. Remain skeptical and proceed with caution.
- Avoid using links or contact information from the message. Go directly to the official channels/websites.
- Double-check the phone number. International numbers or odd-looking numbers, such as 4-digit phone numbers, are tactics that scammers use to mask their true phone numbers.
- Do not enter your Schwab credentials or other personal information via an unverified link. Instead, enter the address you are familiar with directly into your browser to visit the trusted website and log in as usual.
- Double-check that the URL is not a subtle variation of the real one.
- Do not call phone numbers received through unsolicited messages. Always use a verified number that you have used in the past or that is found on your account statement.
Resources
For more information on phishing schemes and other fraud tactics, please visit the Cybersecurity Resource Center > Fraud Prevention in Schwab Advisor Center.
Fraud Prevention:
- Public site: https://advisorservices.schwab.com/navigating-risk-regulation/cyber-security
- Retail site: SchwabSafe | Charles Schwab
If you have any concerns or need to confirm the validity of a Schwab communication, feel free to contact your EKS Associates advisor.