10 things you can do to avoid being a texting scam victim

Ben Rothke
4 min readDec 29, 2021

Scammers love texting — that’s why you get so many texts


It starts as an innocuous text message like the one below. People click on these links for several reasons, the main ones being they think it’s from their bank or that they are busy at work and let their guard down. The term smishing is when a scammer sends text messages pretending to be from a trusted source.

And on any given day, tens of millions of scam texts go out. And even if but .0001% of these scams succeed, that leaves 1,000 victims. Scammers in third-world countries can make a lifetime of wages off a single con, so the incentives are significant. Combine with the US telcos that refuse to put adequate controls in places to stop smishing, robocalls, and other scams, and this won’t be going away anytime soon.

In this case, I got a text that purported to be from Chase and that a new action was required. But why Chase?

Scammers particularly like Chase since they provide financial services to almost half of the households in the US. With over 100 million potential victims, that spells success for a scammer. For victims, they will find that their bank accounts will be drained.

So how does one avoid being a victim? In short, by having an awareness of the issues.

As to this text, the first very bright red flag is that it is not from the main Chase domain of https://www.chase.com/.

The AR country code shows that it is a domain from Argentina. If it were really from Chase Argentina, the message would also be in Spanish.

The site is for Masera Motos, a Hondo motorcycle dealership in Córdoba, Argentina. It’s likely that some rogue employees there were running this scam. Clicking on the link takes you to the following page, which looks like a legitimate Chase login page. But they just used a forged Chase logo and imitated their website style.

Ben Rothke

I work in information security at Tapad. Write book reviews for the RSA blog, & a Founding member of the Cloud Security Alliance and Cybersecurity Canon.