Protect yourself from the latest trend in cybercrime! In this week’s episode, Aspen Lindblom will be talking about “smishing”, a type of phishing attack that targets cell phone users via text messages. Cybercriminals will spoof a phone number and send text messages that appear to be coming from a legitimate source, all in order to steal sensitive information. Today we’ll show you how to identify and protect yourself from this new threat.
What Is Smishing?
Smishing is a sophisticated version of a phishing attack, where hackers attempt to steal your personal information through your mobile device. To make a distinction, phishing attacks through mobile devices are divided through two groups: vishing and smishing. With vishing, a hacker attempts to steal your sensitive information directly over the phone. You can learn more about vishing on this episode of One-Minute Wednesday.
Smishing, on the other hand, is an attack that occurs via text message. A cybercriminal will contact you via text message posing as a trusted source, such as your bank or other financial institution. Within the text message, they will usually state that your account has been compromised and request an urgent reply by calling a number or following a URL link.
Once there, the scammer will ask for personal account information such as Social Security numbers, PINs, and passwords. What gives hackers the advantage here is the fact that text messages typically feel more secure than an email or even a phone call. However, it is just as easy to spoof a phone number and send a fake text as it is to spoof an email address.
How to Protect Yourself and Your Business
Here are some tips on how to remain protected from smishing attacks:
- Realize that banks and financial institutions will not ask you for personal information via text, especially if you haven’t established text alerts with them previously.
- Never return calls or texts from unfamiliar numbers. If you’re not sure, look up the number online to confirm the identity of the contact, and then reach out through that public number.
- Be suspicious of any text messages you receive that ask you for sensitive information, or use language such as URGENT, IMMEDIATE, or VERIFY.
- Do not navigate to unknown URL links in text messages, as they can take you to malicious websites.
Understanding how hackers work is an important step to keeping yourself safe. Now you know how to identify smishing and avoid the ever-growing attempts to steal business and personal data. Be sure to join us next week for the latest One Minute Wednesday!
