Have you’ve heard of Phishing. This is a cybercrime that uses scam emails to defraud users into giving away sensitive personal information such as passwords or financial details. With the advent of text messaging, a variant that uses texts instead of emails has made its way to the digital universe.
Smishing, SMS + Phishing = Smishing, is now overtaking Phishing as one of the most effective scamming tools in the bad actor’s cybercrime toolkit.
Smishing uses fake SMS (mobile
Remember the last time you’ve interacted with a brand, political cause, or fundraising campaign via text message? You probably have noticed these communications are occurring far more frequently. It’s no accident. There is mounting evidence that email opens or users accepting push notifications from apps are no longer effective tools to cause users to act. But 98% of SMS messages are read within seconds of being received. Cybercriminals are many things, but stupid is not one of them. They follow user behavior and patterns, and they adjust their attacks (social engineering) to the ones that work the best. Smishing is now a leading technique for scamming, and the bad actors are ramping up their attacks.
There is a psychology behind Smishing
With the world quickly going to a mobile-dominated world, the more prevalent scams like Smishing will become. Evidence shows people have gotten used to and smarter about email spam, but they are also showing signs they are less likely to doubt an SMS message’s legitimacy.
The Smishing scammers rely on your quick reaction to a message that may appear identical to an actual message from, for example, your credit card company. Like many “in your face” scams, one of the primary techniques the bad actors use is to create “URGENCY.” So, they use message titles that indicate the need for an immediate response, such as – “Urgent!” or “Reply now!”. The less you think, or quicker you respond, the better it is for the scammers. But, even if you give the message a good look-over, it’s still possible you could be fooled.
The end goal is to trick a user into an action that plays into the hands of cybercriminals. Smishing campaigns, in particular, often follow natural disasters as scammers try to prey on people’s charitable nature to scam those funds into their own pockets.
Smishy phone numbers.
Some smishes may come from strange
By entering your email address you agree to receive emails from EveryDayCyber. We'll respect your privacy and you can unsubscribe at any time.
How to prevent being Smished
New and innovative technology is great, but it has also created more ways to be ripped off. If a text message, from an unknown number promising to get rid of your car loan (but only if you act fast), hits your
Here are some other good practices to avoid these attacks:
- Use your Spidey sense.
-
- Check for spelling errors and grammar mistakes
- Go to the sender’s website rather than responding to the message
- Verify the sender’s telephone number to make sure it matches that of the company it suggests it belongs to
- NEVER provide financial or payment information on any app or Site that you are not 100% sure is trustworthy.
- NEVER click on links from unknown senders or those you do not trust.
- DO NOT trust “act fast,” “sign up now,” “you’re a winner,” or any other aggressive and “too good to be true” offers.
- Type web addresses into your device’s browser rather than clicking on the link.
- Install a mobile-compatible quality
antivirus /antimalware tool on your smart devices.
By entering your email address you agree to receive emails from EveryDayCyber. We'll respect your privacy and you can unsubscribe at any time.
Recommended Reading
What is a zero-day threat?
A zero day threat is a security flaw known or unknown to the software vendor which hasn't had a patch made to fix the vulnerability.
14 Ways to Secure Your Home Wireless Network
Many homeowners are just unaware of the security threats that a wireless network might provide if not adequately safeguarded by a secure Wi-Fi network. We would never leave our house's front door unlocked. So you should do the same and never leave your Wi-Fi networks unprotected since it exposes you to the same or even worse threats.
What is Social Engineering?
Social Engineering in the digital world is the intentional deception and manipulation of victims to cause the release and sharing of confidential information used to commit fraud and other cybercrimes.
What is Bloatware?
Preinstalled and unwelcome. Bloatware is unwanted software installed on your digital device; slowing it down, reducing battery life, consuming space and just destabilizing it.
What is a deep fake video and how to spot It
People can easily be fooled into believing they are seeing or hearing something that has no basis in truth in a culture filled with misinformation and deception. Deepfake videos have forced viewers to wonder whether or not what they are seeing or hearing in a video or audio recording is real.
What is a Trojan Horse?
Trojan horse computer viruses are malware disguised as or hidden in legitimate software. Hidden from view and ready to attack.