Tech Talk The latest news, reviews, and discussions for the IT professional.

Are you the Target of A SMISHING Attack?

Are you the Target of A SMISHING Attack?

Under attack?

SMISHING:

Internet scam artists have found a new way to deceive user to surrender their personal information. It’s called SMISHING – when someone tries to trick you into giving them your private information (including user IDs and passwords) via a text or SMS message. It is an emerging and growing threat, a form of criminal activity using social engineering techniques in the same way Phishing is for email scamming. Smishing may include tricking the user into downloading a Trojan horse, virus or other malware onto their cell phone or other mobile device. Criminals love SMISHING because users tend to trust text messages, as opposed to email, of which people are naturally more suspicious. Often the text message will contain a URL or phone number to click or call, and will display a “5000” number instead of displaying an actual phone number. Any text message with a “5000” number indicates that it came from an email to a cell phone, and not from another cell phone. Generally, the SMISHING message will request an immediate response.

Warning signs, you have been targeted:

You may be the target of a SMISHING attack if you have received a text/SMS message from a “5000” number, or where there is a URL link in the message asking you to respond immediately, or when you cannot identify the sender of the text/SMS message.

How to prevent SMISHING attempts on your cell phone:

  1. If you don’t know who the message is from, DO NOT REPLY.
  2. Even if the message says “text STOP” to stop receiving messages, DO NOT REPLY.
  3. Do a web search on the number and message content to see if it’s already been identified as a SMISHING attack.
  4. DO NOT click on any links in the text/message.
  5. If a company has been identified in the text/SMS message, you can look up on the web and get the company phone number, and call the company customer service number to verify the message.
  6. If it doesn’t seem right, don’t fall for the text/SMS message.
  7. You can block the call/text message on IOS and Android devices. 8.
  8. Register with the DO NOT CALL registry with the FTC.[1]
  9. File a complaint with the FTC regarding the spam message.

For more information please visit: www.pcm.com/security  or contact us at pcmsecurity@pcm.com

About the Author: 

John Kronick
Director ATG Cybersecurity Solutions
PCM 

 

[1] https://www.donotcall.gov/?utm_source=takeaction

 

 

JOIN THE CONVERSATION

Share your thoughts and questions in the comment section below. To get the latest news from PCM, follow @PCM on Twitter, join us on Facebook, or connect with us on LinkedIn. To get the latest news sent straight to your inbox, join our newsletter.