Do you spend a lot of time with your face buried in your phone? Well, your employees most likely do too.
To prevent you from becoming a smishing victim, we’ve prepared a list of 5 tricky Smishing Examples you should keep an eye out for.
Attackers have spotted the huge cybercrime potential of nowadays’ digital era. So they are getting more creative by the day to meet you (and your staff) where you are – on your most personal device, the almost natural extension of your being, your phone.
What Is Smishing?
The official smishing definition is given by the Oxford Dictionary and says the following:
“The fraudulent practice of sending text messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords or credit card numbers.”
This sneaky strategy appeals to your emotions rather than break through a computer’s or a network’s defense mechanisms. Hackers’ favorite emotion to toy with is panic. So they craft the fake messages with a sense of urgency to them in order to trick you into clicking the link provided.
More sophisticated forms of smishing attacks can also download and install malware onto your device.
5 Smishing Examples To Watch Out For
What do smishing messages actually look like? Here are 5 recent smishing examples.
Pay close attention to the feeling these smishing examples give you and how they persuade you to take action. Also, notice how smishers claim to be legitimate companies that people trust. They use this dirty trick to make sure the target becomes a victim.
1. The urgent message about your credit card
This SMS claims to be from American Express.
3. The “you won a prize, click here to get it” type of text
In the image below, it claims to be from Walmart. This might be tempting if you’ve taken some of the surveys printed on your receipt. Maybe luck finally found you, and you won money you never thought you would.
2. The “your bank account is locked” type
This message pretends to be from US Bank.
4. The “clearly fake, but also funny” smishing attack
This one pretends to be from Amazon. We’re not sure what the logic behind it was, but apparently, you’re promised to win if you just take the survey.
5. The “unusual account activity”
We find ironic the use of the word “unusual” considering how usual and common these smishing examples actually are. The text prompts you to click on the URL to secure your information (oh, the irony. Again.). This particular message claims to come from Apple Support.
Keep in mind that these are only a few smishing examples of what’s out there. The ever-evolving online world will not cease to inspire smishers, so watch out for any red flags and consider security awareness training for your employees.
What Can You Do To Avoid Being Smished?
Although nobody can fully stop smishing attacks, here are a few ways to protect yourself and your company against them:
- Do not click on URL’s you get in a text message or any other form of communication, unless you know and trust the sender. Even if the text was sent to you by a friend, you should make sure they meant to send it;
- Do not respond to text messages from people you don’t know, from an unknown number or a phone number that doesn’t look like one (like the ones in the smishing examples from above);
- Only download apps from official app stores;
- Do not enter your sensitive information on the suspicious websites the attacker directs you to;
- Do not take the action required by companies via text message. Choose to contact them using a method you trust, such as a telephone call instead, to verify the text was legit and not a scam;
- Report any suspicious texts you receive and block the number without replying.
Having discovered the above smishing examples, you may want to keep your guard higher.
Rigorous caution and good security practices are all the more crucial if we’re talking companies. As with any other form of attack, smishing targets companies because that’s where the big money is.
Security Awareness Training is a key factor in keeping your company safe from scammers. ATTACK Simulator’s program will educate your employees on smishing and all the other online frauds and equip them with extensive knowledge on how to defend themselves and your company.