What is Smishing? The Scam Targeting Your Smartphone

person using phone

Cybercriminals are increasingly targeting your smartphone through Smishing (SMS phishing) attacks, which are difficult to stop. They send texts that trick you into doing something against your own best interests. Watch out for a current mystery shopping scam which starts out with a text invitation, asking you to send an email for more information, which then gets you roped into the scam.

The sender is attempting to lure you into providing sensitive information such as your credit card number, account usernames and passwords. The intent is the same as email phishing attacks; these cybercriminals want to take over your bank account or steal your personal identity. Cybercriminals have chosen to target smartphones because a link in an SMS text can be more convincing to click on than in an email message.

What does a smishing attack look like?

Most smishing attacks include a call to action that creates a sense of urgency such as this example:

Your Apple ID account has been locked due to unauthorised login attempts. Please login here and verify your information: bit.ly/1KVFRgf

It can include a text that asks for a donation based on a recent event, such as:

Your help is needed to meet our 2014 goal to eradicate ALS. Pouring water on your head isn’t enough! Please tap here to donate just $1, which will be deducted from your phone bill. And be sure to forward this text to your friends and family.

It can include a text that asks you to claim a prize, for example:

You have been selected for a FREE Bestbuy gift card worth $1000! Enter the code ‘FREE’ at www.bestbuy.com.bsxy.biz to get 1 now! Only 80 left. Text STP to stop.

Lastly, it can include a text about a mystery shopping job like this one:

Become a mystery shopper and earn $400 weekly. This position will not affect your current job. To apply, email full name and contact information to: admin@grimpinvestment.com

What can you do to avoid smishing attacks?

  • Don’t open from suspicious numbers
  • Don’t give out personal information
  • Delete suspicious texts
  • Mobile shop with reputable vendors
  • Use different passwords and two-factor authentication
  • Even if you receive a text message from a friend with a link, consider verifying with them before clicking the link
  • Use a security app for your phone that secures and encrypts any communication

Concerned about your organization’s IT Security?  BSC Solutions Group specializes in Cyber Security protection.  Give us a call today to find out how you can gain greater peace of mind.