From grocery pickup to credit score updates, many services send text message notifications. Generally, these notifications include a link with a very vague and short message — which makes them perfect for spoofing! Bad actors use fake notification messages for SMS Phishing or Smishing attacks.
In a recent smishing attack, the hackers fool shipping companies and send multiple bogus text message notifications. The text messages declare that you have an urgent notification about the delivery of a package. These notifications include a link for additional information. Clicking the link will redirect to a phony Google login page intended to steal any information you enter.
It can be tricky to detect smishing attacks, but there are steps you can take to keep your information safe from traditional phishing attacks.
Follow these tips:
- Think before you click. Ask yourself:
- Were you expecting the text?
- Did you sign up for text notifications?
- When did you give this business your phone number?
- Be careful of a sense of urgency. These bad actors send various texts and use words like “urgent” to deceive you into hastily clicking a malicious link.
- Do not trust a link in a text message that you were not anticipating. If you think the notification could be genuine, contact the company in another way, such as visiting their official website.
Overall, you want to create a security awareness culture with a healthy level of suspicion around SMS messaging.
Smishers using text messaging more frequently to conduct phishing and spear-phishing attacks. Get ahead of the increasing problem today by defending against smishing.
If you have any questions about smishing or defenses, please don’t hesitate to contact us!