How to report a phishing text?

Question

I received a text message on my phone the other day with an attachment link:

Dear Customer, please contact us about your account Call2bankofamerica

It's an obvious phishing attempt, and I would like to report it but to whom? I called Bank of America and fowarded the message to their abuse department, but now what?

Bank of America was not helpful, by the way. I would like to post it on the internet so people could google this info. This is the first time I've received anything like this and I would like to post a warning.

I don't think there need to be another warning on the internet. Just google for bank of america sms phishing and you already find lots of information and warnings, including from the bank of america itself. — Steffen Ullrich, Feb 27 '17 at 06:06
Well there it is! Thank you for the website--that is what I was looking for and couldn't find. — M.Mat, Feb 27 '17 at 06:07
I contacted the B of A website and sent them the link. I just wanted to get it "out there" about this particular scam Problem solved. — M.Mat, Feb 27 '17 at 06:19
Nobody cares - the mobile carriers actually get money to deliver the spam so why would they stop? — André Borie, Feb 27 '17 at 12:41

score 19 · Accepted Answer · answered Feb 27 '17 at 06:25

19

In the USA, you can report SMS phishing attempts to the US-CERT by forwarding them to 772-6; emailed phishing attempts can be reported to phishing-report@us-cert.gov. See the US-CERT website for more details.

In other countries, you'll have to check with your own government.

answered Feb 27 '17 at 06:25

John Deters

34,205
3
61
113

7

French readers: send the phone number of the phishing text as an SMS to 33700 . You'll then receive another SMS asking you to confirm this number, just send it one more time. – Damien Feb 27 '17 at 10:39
Whether this actually works or not is another matter. The truth is, mobile carriers get paid to deliver those texts, so they are very reluctant to do anything to stop it. Unless legal action is taken nothing will ever be done (and if you take down one spammer, you'll get 3 more to take his place). – André Borie Feb 27 '17 at 12:42
@Damien perhaps this could be edited in – cat Feb 27 '17 at 14:05
@cat, Damien: IMO it should be posted as a separate answer. – S.L. Barth is on codidact.com Feb 27 '17 at 14:33
@cat I can not write an answer anymore, the topic became "on hold". – Damien Feb 27 '17 at 14:59
@JohnDeters: Is 772-6 supposed to be a shortcode of some sort for SMS? Are you sure you typed it correctly? – user541686 Sep 01 '17 at 06:29

score 4 · Answer 2 · answered Feb 27 '17 at 14:28

While there's already an accepted answer, it's local to the United States. This answer hopes to contribute similar information for Canadian readers.

I was recently targeted by such a text (in Canada). Here, we have the GC spam reporting centre, a government-run branch for spam reports.

If the phishing attempt includes a website, you may be able to find the registrar via a WHOIS query, and hit up their abuse centre (usually listed on their homepage). In my case, the registrar had suspended the domain within 24 hours of my report.

How to report a phishing text?

2 Answers2