Phishing is when cyber attackers use fabricated emails to trick you into giving them access to your information. And maybe you've heard of vishing - when criminals use phone calls to try to trick you into giving them information. Hackers are also utilizing a different channel, smishing - which uses SMS messaging, including but not limited to, apps such as iMessage, Slack, WhatsApp, or Skype.
Smishing attacks are particularly dangerous because texting and other SMS messaging feels more personal than emails do, so it’s easier to fall into the hacker’s trap without feeling suspicious. Additionally, emails include plenty of clues that might indicate a phishing attempt, including the address of the sender, the formatting of the email, or poor grammar. These clues don’t necessarily arise in SMS formats.
If you’re not familiar with smishing, or what a smishing attack may look like, don't worry. Below, we’ll provide some scenarios and tips for defending yourself against this hacking method.
Scenario Text Messages:
- You have won an iPhone, click <here> to claim your award!
- A package could not be delivered, click <here> and provide your information to correct.
- Thank you for your payment, <here> is a token of our gratitude.
- Urgent bank transaction authorization. Reply ‘yes’ or ‘no’. (Followed by a phone call from scammers pretending to be a bank’s fraud department, leading to credit card scam to correct a fabricated issue.)
- You receive a text from an unknow number pretending to be someone you know.
Questions to ask regarding unsolicited text messages:
- Does the message create a tremendous sense of urgency or require immediate action?
- Is the message taking you to websites that ask for your personal information, credit card, passwords, or other sensitive information they should not have access to?
- Does the message sound too good to be true?
- Does the linked website or service force you to pay using non-standard methods such as Bitcoin, gift cards or Western Union transfers?
- Does the message ask you for the multi-factor authentication code that was sent to your phone or generated by your banking app? Never give this out.
- Does the message look like the equivalent of a “wrong number?” If so, do not respond to it or attempt to contact the sender; just delete it.
When it comes to SMS phishing attacks, you are your own best defense! When in doubt stop and think before responding to or clicking links within SMS messages. Just like with phishing attacks it only takes a second to fall victim to a scam.
You May Also Like
Here are six steps you can take to create and manage your household budget.
Most know that it’s wiser to keep our money safely deposited in a financial institution, and they’re generally divided into two categories: banks and credit unions. But what’s the difference?
If you’re focused on saving, you’re probably on the lookout for the ideal way to leverage the money you already have in reserve.