Security Issues: Smishing

Protect yourself from the latest trend in cybercrime! In this week’s episode, Aspen Lindblom will be talking about “smishing”, a type of phishing attack that targets cell phone users via text messages. Cybercriminals will spoof a phone number and send text messages that appear to be coming from a legitimate source, all in order to steal sensitive information. Today we’ll show you how to identify and protect yourself from this new threat.

What Is Smishing?

Smishing is a sophisticated version of a phishing attack, where hackers attempt to steal your personal information through your mobile device. To make a distinction, phishing attacks through mobile devices are divided through two groups: vishing and smishing. With vishing, a hacker attempts to steal your sensitive information directly over the phone. You can learn more about vishing on this episode of One-Minute Wednesday.

Smishing, on the other hand, is an attack that occurs via text message. A cybercriminal will contact you via text message posing as a trusted source, such as your bank or other financial institution. Within the text message, they will usually state that your account has been compromised and request an urgent reply by calling a number or following a URL link.

Once there, the scammer will ask for personal account information such as Social Security numbers, PINs, and passwords. What gives hackers the advantage here is the fact that text messages typically feel more secure than an email or even a phone call. However, it is just as easy to spoof a phone number and send a fake text as it is to spoof an email address.

How to Protect Yourself and Your Business

Here are some tips on how to remain protected from smishing attacks:

  1. Realize that banks and financial institutions will not ask you for personal information via text, especially if you haven’t established text alerts with them previously.
  2. Never return calls or texts from unfamiliar numbers. If you’re not sure, look up the number online to confirm the identity of the contact, and then reach out through that public number.
  3. Be suspicious of any text messages you receive that ask you for sensitive information, or use language such as URGENT, IMMEDIATE, or VERIFY.
  4. Do not navigate to unknown URL links in text messages, as they can take you to malicious websites.

Understanding how hackers work is an important step to keeping yourself safe. Now you know how to identify smishing and avoid the ever-growing attempts to steal business and personal data. Be sure to join us next week for the latest One Minute Wednesday!


More Posts

Cup of IT: Sending Secure Emails with Microsoft 365

Microsoft 365 comes with several built-in security features that allow your organization to manage how sensitive information is handled via email. On this episode of Cup of IT, we’ll be discussing how to send secure emails using sensitivity labels, email encryption, and the do-not-forward options in Microsoft 365.

Clean Your Inbox with Outlook Folders

Using Outlook folders is a great way to begin relieving the stress of managing your inbox. On today’s One-Minute Wednesday, you’ll learn how to create customizable folders that can automatically categorize your email, giving you a better experience with your inbox.

Blocking Senders in Microsoft Outlook

Tired of junk mail getting past your built-in spam filter? You can quickly and easily train your junk folder in Microsoft Outlook. On today’s One-Minute Wednesday, Sean Mountain will show you how to mark email as junk and block senders, giving you more power over what shows up in your inbox!

Getting Started With Two-Factor Authentication

Today’s cybersecurity landscape is filled with a variety of evolving threats, demanding new ways to protect your data. On this week’s One-Minute Wednesday, we’ll cover how Two-Factor Authentication can keep you safe from the vast majority of cybersecurity breaches.