We’ve talked about phishing… ya know, when you receive an email that tricks you into giving away personal information or opening an infected attachment. Well, today is all about phishing’s younger brother, smishing… a threat that is growing up, right before our eyes!
The name smishing is a combination of the words “phishing” and “SMS texting.” Simply meaning phishing via text. Simple, yet so effective. Why?
Recent statistics show that when it comes to phishing, we’re getting more careful. And although cybercriminals are investing their time and effort to make their spam look very legitimate, we’re aware of the danger and are increasingly attentive when opening emails in our inboxes.
However, it’s very different when it comes to texts. This is because we have an unusually intimate relationship with our smartphones. We use them so much they are almost a piece of ourselves. We read texts on the go and reply to 98% of them, on average! That’s a huge difference in comparison with emails (which we notoriously delete without even looking, lol)!
Are Texts More Trustworthy than E-mails?
And scammers are skilled at taking advantage of that belief – about 87% of all phishing attacks on mobile devices use messaging, gaming and social media apps. Cybercriminals try to lure us via texts to steal our personal information or infect our smartphones to get access to it. Once they succeed, they can easily steal our money, information or identity. And if you use your smartphone for work related issues, smishers can also get access to your business accounts or information. And this means even more problems.
Types of Smishing
Here are a few different examples of smishing:
- An unsolicited reply with your personal information (date of birth, social security number, account number) to convince you it’s legitimate;
- A link which takes you to a website asking to enter your personal details. Very often those texts state that if you don’t do that, you will be charged for a certain service;
- A link to download an app (which is usually malware);
- A message about transferring money to charity or an entity overseas who needs your help, ASAP [eye-roll].
But to date, the most lucrative type of smishing of all is bank smishing. This usually looks like a text alert (allegedly from your ‘bank’), saying there was a large transfer done from your account and that you need to call a certain number to block the fake transfer. If you call, you will be asked to confirm your personal and banking information, after which your money will disappear faster than you can hang up!
How to Protect Yourself Against Smishing
There are some common sense things you can do to avoid being smished:
- Never reply to texts coming from people you don’t know.
- Never reply to texts coming from a number which doesn’t look like a regular phone number, such as 5000. This is the most obvious sign that it’s not a text, but an email sent to your phone.
- Don’t click on links you receive in texts. If they come from a trustworthy source, verify whether they really intended to send them to you.
- Don’t be tempted by any urgent deals as they’re always a hacking attempt!
- Never provide any personal information such as your account number or ATM card code by texts. If you receive such a request from your bank, report it immediately, using the bank’s phone number you find on their website.
- Don't store your credit card information on your smartphone.