We’re all familiar with the scam emails that carry malicious links. Email providers are doing an excellent job automatically filtering these out of your inbox and sending them straight to the spam folder.
Text messages and SMS phishing scams are becoming so prevalent that they have their own name – smishing.
What is Smishing and How Does it Work?
Smishing is a type of phishing whereby attackers use malware or fraud websites linked to text messages or messaging apps to trick people into giving sensitive information. Like email phishing uses links in emails, smishing uses malicious links attached to text messages to prey on people’s trust.
Not only do attackers try to steal data from their prey, but they also try to get people to give up their banking information. Anyone with a cell phone or data-based apps is vulnerable to these spam messages, so education about these scams is essential.
What are the Different Types of Smishing Attacks?
People launching smishing scams are very creative in their pursuit of sensitive data. These scams are adapting, and attackers are using new tactics all the time, but some basic ideas are still persistent.
Covid-19 Related Smishing Scams
Attackers use smishing scams related to Covid-19 to access your identifying information, like your social insurance number. Since there are many public health authority updates, government relief programs, and more official information related to the pandemic, hiding smishing scams among legitimate information is the perfect place for exploitation. People’s fears and unease around their health and finances make them vulnerable to scams.
Order Confirmation Smishing Scams
Shopify and many other reputable platforms can send invoices, order confirmation, and shipping details by text if you opt-in. Scammers rely on people’s trust in these features to send false confirmations. Whether they threaten a fee by not clicking the link or urge you to take action so your order goes through, they prey on the surge of online shopping to steal sensitive information.
Customer Service Smishing Scams
Scammers posing as customer service representatives that tell you of an issue create a sense of urgency in response. These scammers claim to be from large companies, like Netflix, Amazon, Google, and more, to instill a sense of trust. They try to get entry to your account to steal your account or personal information.
The scam works by claiming there is an issue with your account access, billing, or unusual activity on your account. If there are any issues with these things, these companies are likely not going to text you to tell you about it.
How to Protect Yourself from Smishing Scams
Even though you’ll still get smishing messages until mobile carriers learn to filter them out, there are some things to do – and not do – to keep yourself safe.
Don’t Respond
Responding to the text messages, even if they promise to unsubscribe you from a list, can open you up to more messages. It lets scammers know that your number is active, effectively making you a target for future spam messages.
Don’t Touch the Links
This advice might seem obvious, but scammers use links that look close to legitimate websites, and it can play tricks on the eyes. If you feel like a message about your accounts or online orders is real, go to your computer and log onto the portal directly to check any notifications. If there really is something to be concerned about, it will be there.
Report Spam
You can now easily report smishing scams. Forward any spam messages in Canada to 7726 (SPAM on most keyboards) to report the scam to your mobile carrier. It will help your provider know to block future texts of that nature.
Bottom Line
Whether you’re on your mobile device or a computer, you always need to be diligent against malicious attackers and scams. If you need help keeping your business secure from data loss, malware, and cyberattacks, contact Foresight for IT to learn about our services.