How many text messages from companies do you receive today as compared to about two years ago? If you’re like many people, it’s quite a few more.
This is because retailers have begun bypassing bloated email inboxes. They are urging consumers to sign up for SMS alerts for shipment tracking and sale notices. The medical industry has also joined the trend. Pharmacies send automated refill notices and doctor’s offices send SMS appointment reminders.
These kinds of texts can be convenient. But retail stores and medical practices aren’t the only ones grabbing your attention by text. Cybercriminal groups are also using text messaging to send out phishing.
Phishing by SMS is “smishing,” and it’s becoming a major problem.
Case in point, in 2020, smishing rose by 328%, and during the first six months of 2021, it skyrocketed nearly 700% more. Phishing via SMS has become a big risk area. Especially as companies adjust data security to a more remote and mobile workforce.ng
How Can I Text Myself?
If you haven’t yet received a text message only to find your own phone number as the sender, then you likely will soon. This smishing scam is fast making the rounds and results in a lot of confusion. Confusion is good for scammers. It often causes people to click a malicious link in a message to find out more details.
Cybercriminals can make it look like a text message they sent you is coming from your number. They use VoIP connections and clever spoofing software.
If you ever see this, it’s a big giveaway that this is an SMS phishing scam. You should not interact with the message in any way and delete it instead. Some carriers will also offer the option to delete and report a scam SMS.
Popular Smishing Scams to Watch Out For
Smishing is very dangerous right now because many people are not aware of it. There’s a false sense of security. People think only those they have given it to will have their phone number.
But this isn’t the case. Mobile numbers are available through both legitimate and illegitimate methods. Advertisers can buy lists of them online. Data breaches that expose customer information are up for grabs on the Dark Web. This includes mobile numbers.
Less than 35% of the population knows what smishing is.
It’s important to understand that phishing email scams are morphing. They’ve evolved into SMS scams that may look different and be harder to detect.
For example, you can’t check the email address to see if it’s legitimate. Most people won’t know the legitimate number that Amazon shipping updates come from.
Text messages also commonly use those shortened URLs. These mask the true URL, and it’s not as easy to hover over it to see it on a phone as it is on a computer.
You need to be aware of what’s out there. Here are some of the popular phishing scams that you may see in your own text messages soon.
1. Problem with a Delivery
Who doesn’t love getting packages? This smishing scam leverages that fact and purports to be from a known shipper like USPS or FedEx. It states that there is a package held up for delivery to you because it needs more details.
The link can take users to a form that captures personal information used for identity theft. One tactic using this scam is to ask for a small monetary sum to release a package. Scammers created the site to get your credit card number.
2. Fake Appointment Scheduling
This scam happened to a community in South Carolina. They had recently had an installation of AT&T fiber internet lines in their neighborhood. Following the installation, AT&T did a customer drive to sign people up for the service.
During this time, one homeowner reported that he received a text message. It pretended to be from AT&T about scheduling his fiber internet installation. He thought it was suspicious because the address they gave was wrong. The scammer had wanted him to text back personal details.
3. Get Your Free Gift
Another recent smishing scam is a text message that doesn’t say who it’s from. It says, “Thank you for your recent payment. Here is a free gift for you.” It includes a link at the bottom of the message.
This is a widespread scam that many have noted online and it’s an example of a scammer using a common fact. The fact that most people would’ve paid some type of bill recently and mistake the text to be from a company they know. It also lures people in with the promise of giving them a free gift.
Is Your Team Trained in Cybersecurity Safety?
Company cellphones are no exception when it comes to receiving smishing attacks. Keeping your employees current with cybersecurity training will improve cyber hygiene across multiple platforms. Contact Databranch today at 716-373-4467 x 15 or info@databranch.com if you would like to learn more about our Breach Prevention Platform and Security Awareness Training with simulated phishing tests.
Article used with permission from The Technology Press.
comments powered by Disqus
