What is SMiShing? It may sound funny, but the latest cyber-scamming strategy can quickly wreak serious havoc on your organization. In fact, some of the largest global enterprises are already losing millions to these scams each year.
What is SMiShing?
According to the Federal Communications Commission, SMiShing is a mix of SMS—short message service—and phishing. Most of us are already aware of phishing—email scams—but not everyone has received the memo that scammers are now also targeting users with manipulative messages sent straight to their smart devices.
SMiShing is any kind of phishing that involves a text message in an SMS or a phone number. It’s often artfully disguised as a message from a friend or a trusted financial institution.
What makes SMiShing scarier than other forms of phishing?
Most of us already know to be suspicious of sketchy emails or websites. We’re more vulnerable and trusting when we get texts on our personal smartphones.
Texting has become the go-to method for communications, and many of us don’t think twice before accepting texts from our favorite brands, banks or healthcare providers. And the more acclimated we are to receiving automated text messages, the easier it is to fall prey to a smishing attempt.
SMiShing applies social engineering to prompt you to share your personal details. Whether the SMiSher is looking for an online password, your Social Security Number, or your credit card information, the strategy is always the same—earning your trust.
And if you are successfully SMiShed then the hacker can use your details to apply for new credit lines in your name, causing serious future repercussions. Not only that, smishing texts can cause unknowing recipients to visit dangerous websites or download malicious apps onto their cell phones.
How can you avoid getting SMiShed?
Here are a few everyday best practices you can’t miss:
- First, as a rule of thumb, don’t reply to text messages from people you don’t know.
- Keep an eye out for 5000 numbers—these might even be emails sent to your phone.
- Confirm a friend meant to send you a link before ever clicking one.
- Make sure you only install phone apps directly from the official app store.
- Don’t open any messages that seem “sketchy”—delete them immediately instead.
- Do not respond even if the text requests you “text STOP” to end messages.
- Don’t share personal details via text—smishing texts often ask for your Social Security Number, credit or debit card number, zip code, bank account number or routing information, or the name of your financial institution or credit card.
- Think about arming all your devices with safety software—cell phone included.
Why is SMiShing on the rise?
First, email platforms are better-armed to detect phishing emails—the same level of security hasn’t been seen in text messaging apps. Also, the growing BYOD (bring your own device) culture makes it easier for hackers to exploit corporate resources just by breaching personal mobile devices.
Also, multiple cell phone numbers have been stolen through hackings like the 2016 Uber breach incident that exposed the personal information of up to 57 million users and drivers worldwide.
Protect your organization against SMiShing.
SMiShing is known for being one of the most difficult attacks to protect against and monitor. Companies can still reduce risks by setting up the right policies and trainings and putting systems in place to protect their enterprise text messaging network.
MicroAge is here to help. Contact your Account Executive, call 800-544-8877 or email our Solutions desk to start building your security strategy.