How to Avoid Getting Smished
How exactly do you get smished?
It happens when you become a victim of smishing. You might not have heard the term. I know I hadn’t until I stumbled across it while researching on the web. But if you’ve heard of “phishing”, it’s the same thing, just done via SMS messaging.
The way it works is someone, a hacker or criminal, sends you an SMS message that appears to be from a legitimate source – such as your bank or mobile carrier. The contents of the message are usually alarming. For example, your bank account has been frozen or compromised.
In the message they provide you with a link to a website or a phone number to call to fix the problem. If you click on the website, it will either download malware onto your phone or steal the account information you provide to login into what you think is your bank, or carrier. Once they have your account information, they can take your money or make purchases with your money.
Every step you take following the message directions usually looks genuine. They make the website look like your bank (cybercriminals pick big banks that many people use). The login page looks like the login page.
So you do what most people would do, you login.
What happens if you call a number they provide? The same thing, but usually you are connected to a live person who is skilled at getting information out of people. They’ll know the terminology, they may know your name and address. Before long you’ll be reading your credit card information to them because they sound legitimate.
It's Been Around A While
While the term “smishing” was new to me, the concept isn’t. Criminals have been using the same techniques via phone and email for years. Smishing too, as it turns out, started some time ago. But it has surged in the last couple of years.
According to an article on BBC, Interpol has identified social engineering (which smishing is), as “one of the world’s emerging fraud trends”.
In 2015, nearly £675m was lost due to social engineering fraud. It’s bound to continue to get worse because more and more people are using smartphones.
The risk for SMS users isn’t any greater than for email or phone. But what makes it so scary is that people haven’t been educated about it. By now most people know not to click on links in spam emails, or they have anti-virus and anti-malware software that warns them not to do so.
SMS messaging is so immediate, convenient and personal that it catches people unaware. And most people probably don’t have any apps on their phone checking for spam and blocking calls and messages.
What To Do
- Carefully consider the message. If it’s something that doesn’t make sense to you, question it. Don’t react immediately by doing what they ask.
- Don’t click on links or call the numbers provided.
- Go directly to the source. Instead of clicking links or calling, type in the URL of your bank, or call the bank number you find on your credit card or statement. (NOTE: Many articles suggest calling from a different phone if you have already clicked or called the number in the message. Apparently sophisticated hackers can hijack your phone and redirect a call to their call centre and not the actual bank).
- Block the number. Once you determine that the message was spam or a smishing attempt, use the built in ability in your phone to block the call. Most have this, but you need to do it manually unless you download an app to do it for you.
- Report the number. All spam messages can be reported to the ICO who can take action on the offenders. You can find the information on how to report on their website here.
The best defence against smishing is awareness. There are apps you can download onto your smartphone that claim to automatically detect spam and block calls. But your knowledge and intuition are also important because no app will be perfect.
Have you ever gotten a smishing message? Do you have a favourite app you use to block spam messages? Please share in the comments.
Imagine this: Someone wears a red nose, wine glasses filled before noon, and everyone’s talking about mobile marketing. That was the Mobile Marketing’s 6th mCommerce Summit in NYC last week. I’ll get to the red nose and wine a bit later. First I’ll share some takeaways about mobile marketing from the presenters by sharing it with you the way I saw it.
The EU-US Privacy Shield has been struck down: what are the implications for EU companies using US software?
Mobile Marketer is holding the mCommerce Summit: State of Mobile Commerce 2016 today in New York City. And you'll get to find out what happens when I get back and write about it next week. But today, I'm going to give you a sneak peak at what I'm seeing in New York at this moment. Before I do though, be sure to check our fastsms Twitter feed throughout the day. I'll be sharing the best tidbits as they come up in each session as they happen.
Recently Tecmark released the results of a survey they conducted on mobile phone use. You’ll see the results reported everywhere online as the data is quite extraordinary. Here’s we include a summary of statistics for an average user. They may not be all that surprising, but they're certainly telling.
Take a few minutes to watch a video of our Technical Director and Operations Director showing off our new office space in Worcestershire. Then get to know our team as they discuss what they like best about the office.
Fastsms signed up a year ago with Feefo to provide feedback from customers of what they thought of our products and services. Read their comments here.
There can be no one involved in business today - from production to marketing - who would defend one isolated strategy for reaching target markets and effectively engaging with them. In an increasingly individualistic and atomized society, today's consumers discover and engage with brands through a wide variety of mediums and connectors.