Have you ever noticed any random ring on your phone from your bank informing you that your account has been suspended? Check your phone right now. You’re sure to see at least a couple of unsolicited messages in your inbox calling for one of two actions – click the link or call the ‘legit’ number provided.
What is Smishing in Cyber Security?
Attracting cell phone users to give away any form of personal information via their phones is called ‘Smishing’ – a new age cyber crime. Being one of the most bothersome forms of threats out there, smishing is actually quite effective in retrieving info from unassuming users.
Smishing is a Phishing
Smishing is a word derived from ‘SMS phishing’ and is an immediate action seeking tool used by attackers to retrieve personal data. If you look up their sleeve, you’ll find two trump cards that they regularly employ for their malicious efforts – user’s fear, greed and a sense of urgency.
How do you know it’s Smishing?
The growth of smishing came about with our reliance on mobile phones to pay all our bills and shop all our favorite products online.
Although attackers are getting smarter by the day, you can still avert compromising your personal/financial data by just making sure you don’t respond to any message that you didn’t give any prior consent.
Explain phishing with example
Here are some examples of common smishing tactics:
- “Congrats! You’ve won $1.3 million in our International lottery! Click to collect your reward.”
- “We’ve suspended your account for unusual activity. Please confirm your account details.”
- “Want to meet interesting people who live in your area? Click the link to learn more.”
- “Fraudulent account activity detected. Please confirm it’s you to get your account active.”
You’ll notice that none of these actions tell you much about the legitimacy of the sender. They might even mention the name of the bank or the company they represent, but you’ll never find any signals to double check the sender’s intentions.
How to steer clear from Smishing? Smishing Prevention
Here’s something like ‘an apple a day’ idiom – make sure you do these steps to keep cyber attackers away.
Since these cyber crooks only need you to click on these once or twice to get you hooked on their schemes, it is very important that you follow these steps every time.
- Never click on any suspicious links that come your way. Take a moment to check their sender information within the text message. You won’t find much. A clear warning not to go any further.
- Some smishing attacks require you to text the sender back. Never do it, as this is another way to get your personal/financial information.
- By default, close the messages that have any ‘click here’, ‘claim your reward’, or ‘confirm’ links or text however genuine it may look.
- Make sure the links you get from your friends are genuine. Don’t click on them outright, but ask them first about what the link is about.
- If by any chance you clicked on any suspicious link by accident, close it immediately.
- It is always best to call any known numbers to confirm if anyone from their company is actually sending you text messages.
- Just don’t respond to legit-looking messages from a friend who suddenly decided to text you. Chances are, it’s not your friend.
- Any message with ‘Cancel service’, ‘End subscription’ or just ‘Stop’ deserves no attention as it could be the first step in getting you hooked.
- legit Antivirus/antimalware software are always a great addition to your smartphone.
Phones are getting smarter, so should you
By now, you may have realized how easy it is to trick users into giving up their credit card details. The only way to fight against such fraudsters is to be aware of the ways in which they could attack. Also, it is very important that every action you take on your phone is because you understand who you are talking to and you trust the sender.