How many text messages from companies do you receive today as compared to about two years ago? If you’re like many people, it’s quite a few more. This is because retailers have begun bypassing bloated email inboxes. They are urging consumers to sign up for SMS alerts for shipment tracking and sale notices. The medical industry has also joined the trend. Pharmacies send automated refill notices and doctor’s offices send SMS appointment reminders. These kinds of texts can be convenient. But retail stores and medical practices aren’t the only ones grabbing your attention by text. Cybercriminal groups are also using text messaging to send out phishing. Phishing by SMS is “smishing,” and it’s becoming a major problem. Case in point, in 2020, smishing rose by 328%, and during the first six months of 2021, it skyrocketed nearly 700% more. Phishing via SMS has become a big risk area. Especially as companies adjust data security to a more remote and mobile workforce.
If you haven’t yet received a text message only to find your own phone number as the sender, then you likely will soon. This smishing scam is fast making the rounds and results in a lot of confusion. Confusion is good for scammers. It often causes people to click a malicious link in a message to find out more details. Cybercriminals can make it look like a text message they sent you is coming from your number. They use VoIP connections and clever spoofing software. If you ever see this, it’s a big giveaway that this is an SMS phishing scam. You should not interact with the message in any way and delete it instead. Some carriers will also offer the option to delete and report a scam SMS.
Smishing is very dangerous right now because many people are not aware of it. There’s a false sense of security. People think only those they have given it to will have their phone number. But this isn’t the case. Mobile numbers are available through both legitimate and illegitimate methods. Advertisers can buy lists of them online. Data breaches that expose customer information are up for grabs on the Dark Web. This includes mobile numbers. Less than 35% of the population knows what smishing is. It’s important to understand that phishing email scams are morphing. They’ve evolved into SMS scams that may look different and be harder to detect. For example, you can’t check the email address to see if it’s legitimate. Most people won’t know the legitimate number that Amazon shipping updates come from. Text messages also commonly use those shortened URLs. These mask the true URL, and it’s not as easy to hover over it to see it on a phone as it is on a computer. You need to be aware of what’s out there.
Here are some of the popular phishing scams that you may see in your own text messages soon.
Who doesn’t love getting packages? This smishing scam leverages that fact and purports to be from a known shipper like Takealot or Post Net. It states that there is a package held up for delivery to you because it needs more details. The link can take users to a form that captures personal information used for identity theft. One tactic using this scam is to ask for a small monetary sum to release a package. Scammers created the site to get your credit card number.
This scam happened to a community in South Carolina. They had recently had an installation of AT&T fibre internet lines in their neighbourhood. Following the installation, AT&T did a customer drive to sign people up for the service. During this time, one homeowner reported that he received a text message. It pretended to be from AT&T about scheduling his fibre internet installation. He thought it was suspicious because the address they gave was wrong. The scammer had wanted him to text back personal details.
Another recent smishing scam is a text message that doesn’t say who it’s from. It says, “Thank you for your recent payment. Here is a free gift for you.” It includes a link at the bottom of the message. This is a widespread scam that many have noted online. And it’s an example of a scammer using a common fact. The fact that most people would’ve paid some type of bill recently and mistake the text to be from a company they know. It also lures people in with the promise of giving them a free gift.
Smishing scams are very clever and can easily infect your device with malware. Do you have the knowledge and skills to safeguard your business?
We can take it a step further and offer you a free IT assessment!
Article used with permission from The Technology Press.