Smishing – The Next Cyber Threat

Cyber attackers have been making headlines more and more off lately. Despite having a robust information security system, we fail at securing data, mainly because we do not focus on data encryption. What’s next ? You have no data. Data that is not encrypted can be easily stolen and what happens next will be your worst nightmare. Well, let’s not get there, but would you be surprised if we tell you that the internet bad guys are back again with yet another type of attack, that is power packed to devastate you in an instant?

Smishing, have you heard about it yet? Derived from the word phishing, smishing is the act of using mobile phone text messages i.e SMS to lure victims to take an immediate action, for example visiting a malicious website, downloading malicious malware like trojan horse, Rootkit, Spyware, Adware,Backdoors  etc which are hard to stop.

This practice has been around for years now, but the current scams used by these attackers are mystery shopping invitations that commence from a mere text, that provokes the victim to drop them an email and then get roped into a shopping fraud.

These type of attacks are also used for identity theft, for taking over your bank accounts by pressuring employees to give out their company credentials or personal information, that could make you bankrupt overnight.

The easiest and best way to avoid falling prey to such attacks is to refrain from entertaining such communications or SMS’s. This completely makes sense, when the SMS you’ve received comes from a phone number that looks something like this “5500” we bet none of the mobiles numbers you own consist of just 4 digits. This is an indication that the text message you just received is in true sense an email sent to your device.

How can you safeguard your business from getting Smished?

One of the best ways to teach users about smishing attacks is by conducting dummy attacks as a part of your company security protocol. Also make sure to use strong passwords and secure them using an authorized password protection solution.

Along with this you should also get yourself single sign on solutions, that are designed to simplify password management. It retrieves your passwords and your files and signs you into your favorite websites in just one go.

Things to avoid if you think you’ve received a fraudulent text?

  • Refrain from replying to those texts
  • Do not, even by mistake click on any links that are embedded in those text messages
  • Report the number through which you’ve been receiving phishing SMS’s immediately to your mobile carrier (better now then later isn’t it? )

Leave a Reply