Be Aware Of These Top Smishing Attacks [Highly Active 2019–21]
Nowadays it’s easy for one to fall victim to a chiseller especially if you don’t have enough knowledge or awareness of attack vectors they utilize to scam you. The scams are carefully done combining both expert knowledge and social engineering to manipulate their victim(s). There’s usually no room for mistake, and that’s why more than often people fall victim to such scams. The only solution to not fall into the attacker’s snare is to first of all dive into his, live in his reality, identify the ways in which the whole operation is executed(and if you’re lucky enough to figure it out, make sure you raise awareness to the public). By doing that, their current scamming methods would end up becoming obsolete, forcing them to think of new methods of manipulating users utilizing internet devices.
Today’s post will focus on phishing attacks, and to be specific, smishing. That is, answering the what is smishing attack question, types of smishing attacks, how to spot and protect yourself from smishing attacks and finally raising awareness to the public.
Let’s get started:
What is a smishing (SMS phishing) Attack?
Smishing is a form of phishing /scam in which a cyber attacker utilizes mobile phones as the attack platform to trick his/her victim(s) using compelling texts in order for them to click a link(s) and without being aware, send the attacker private information or download harmful programs to the phone.
Types of Smishing Attacks
Below are the two common types of smishing attacks actively being utilized by cybercriminals in the midst of the Covid pandemic:
1. Text Smishing
2. COVID-19 Smishing
Text Smishing
Smishing attacks use text messages or Short Message Service(SMS) as an attack platform to make them look like they were sent from a trusted/reputable company so as to get you to do something like for example share your confidential information without you(the victim) being aware.
Some of the common smashing examples might include fake package update notifications, bank notifications of fraudulent activity, act-now coupons, a sick kid in school that needs urgent money sent to a given number, free money award on a ruffle but you have to send money first to withdraw the rest &c.
COVID-19 Smishing
Messages utilizing COVID-19 as an attack vector are categorized under COVID-19 smashing which is based on legitimate aid programs designed by healthcare, not-for-profit organizations, governments as well as financial organizations to its employees and customers at large.
The aim of COVID-19 smashing scams is to manipulate victims using social engineering into revealing personally identifiable details(Identity cards, passport numbers, social security numbers, emails as well as phone numbers).
How To Spot & Protect Yourself From Smishing
The simplest way to avoid the above scams, as well as others, is to:
1. If you receive a message asking you to update bank details and or about bank fraudulent notifications, call your bank to confirm, if that is not possible at the moment you can also cross-reference the sender details to your bank’s details(shortcode or email address).
2. Do not click any unknown links especially the shortened ones.
3. Don’t give out your financial and personal information to just anyone that asks for it. Be a “karen” or “terry” on matters pertaining to your information. Stand your ground. Privacy matters.
4. Avoid replying to scam messages especially if they sound too good. Call the official number of the company or institution they claim to be from for confirmation and or reporting before replying to the said SMS.
5. Finally, most service providers issue a shortcode or a quick method in which their service users can report and block spam/fraudulent numbers, kindly utilize it.
Raising Awareness
Having talked a little bit about smishing, a part of phishing attacks that includes vishing, spear, whaling, pharming, clone &c, it would be a pleasure if you could share what you’ve learnt today with others to raise awareness of the dangers and ways to avoid being a victim of smishing attacks.
Privacy is not an option, and it shouldn’t be the price we accept for just getting on the Internet. Our voices matter and our actions matter even more. ~ Gary Kovacs
That’s for today! Stay safe.
