last updated 03/26/2021
SMishing is the use of SMS text messages to trick people into revealing information about themselves or defraud them of money. A recent confidence scam spoofs a cell phone number of a church member or a pastor to text congregants, asking for money or gift cards. It’s fairly cheap and easy to spoof a phone number, which makes this a popular scam. Using the church helps to legitimize the text and increases the scam’s success. If the story is believable, most people will want to help their church.
Encourage them to report any incident to the church administrator before sharing personal information.
|Source?||Available information?||How is it used?|
|Church website||Church leadership phone numbers and email addresses.||Phish (email)
|Church bulletins, newsletters, and calendars||Phone numbers, birthdates, participants at events, descriptions of event, including the name, date, and location.||Same as above, but more details can be gleaned from these sources to gain confidence.|
|Forgotten online artifacts||This could be Word docs, PDFs, survey results, anything that is served up in a Google search.||Once a scammer has narrowed in on a phone number to spoof, they search for more information to support their scam story.|
|Together, all of these sources could help a scammer build a credible story and a successful scam.|
Confidence scams come in many forms and are becoming more prevalent. Your church collects a lot of information that would be invaluable to a scammer. That’s why we have strict data security measures in place to protect against a data breach. Unfortunately, those protections can’t guard against every threat. You must take steps to protect your data too.
Use unique/complex passwords -> don’t share logins -> don’t leave computers unlocked and unattended.
There are several different gift card scams out there. Please read the Federal Trade Commission’s article Worshipers targeted by gift card scams for more information and details on how to report your particular scam.
If you believe your ACS Technologies’ product has been compromised, we want to investigate immediately. Email us at email@example.com.