Introducing the latest hacking trend: SMS phishing or “Smishing”

sms phishing

Hackers and cybercriminals are always on the lookout for new ways to steal your information. They need to constantly evolve their game in order to make it past security placements around your technology. Many of the tricks they use now are only accessed by you opening a message or clicking on a link you shouldn’t. In order to pass a strong security presence, a hacker needs to be exceptionally skilled, and most just don’t have this kind of capability. That doesn’t stop them from trying easy to avoid yet possible to fall for phishing techniques. One of the latest hacking trends is a form of phishing, known as smishing or SMS phishing.

What exactly is smishing, and how can it possibly affect you? Here’s what you need to know about SMS phishing/smishing as well as how to avoid it.

What Is SMS Phishing or Smishing?

Most phishing forms are done where someone sends you a message that’s requesting some kind of information. It’s straight to the point and doesn’t try to skip around. It will directly ask for account information, log-in credentials, credit card numbers, and so on. It’s very much like a phishing email designed to look like a message from Apple, Netflix, your credit card company, or anything else that’s official. The most successful phishing emails are designed to look like an official email, using the same phone, adding images, and perfectly copying what the real companies would add in emailed correspondence. The big difference is the source address it is sent from.

The same is true with a smishing phishing message; this message is sent via text message. It might be a basic text message or an image and link within the message. Unlike an email, in which you can directly look at the sender’s email address and know for sure it is fake, that is a bit more difficult with a phishing text message. It comes from a phone number that you might not know who it is coming from unless you Google search the number. It will likely tell you it’s coming from Visa, or Target, or Verizon. The text may also look official, and so it is easy enough to be tricked into selecting the link provided.

Before selecting any link sent to you, you need to do what you can to identify the sender.

How To Spot The Sender

First, if your mobile service provider has any kind of text message filter, make sure to activate it. This will block out most spam messages. Some will work better than others. Apple is, for the most part, okay with this. Pure Android, such as those phones on Google Pixel phones, is good with this. But it can be hit and miss. SMS phishing texts, even when your filter is activated, can find its way through.

So how do you know when a message is fake? First, look at the phone number. Does it actually look like a phone number, or is the number too short? If it doesn’t look like a real phone number, it probably isn’t a real phone number.

Next, most companies are going to call you. If there’s a problem with your Visa credit card, you’re not going to receive a text message from them. It’s going to be via a call. Very few official companies will actually message you, and almost nobody will ask for personal information via text. So keep this in mind.

Next, if it is a real phone number and it feels like a real message, but still you’ve never received any kind of message from the number before, you can always Google the number (in fact, you should). Copy the number, then paste it into your mobile search engine. You’ll know almost right away whether it is a fake number or if it is real. If it is fake, make sure to go back to your text message and check it off as “phishing spam.” This will block the number from ever contacting you again, and it will report the number. While it will never fully stop these kinds of messages, it will prevent this particular number from reaching out.

Virus Protection For Your Phone

Yes, you need to have virus protection for your phone. As you now likely use your smartphone more than you do your computer, you’re more likely to get hacked via your smartphone than with a computer. To prevent this from happening, you need to have a kind of virus protection installed on your computer. But which one is right for you? That’s where our team here at Charlotte IT Solutions can help. We’ll work with you and your staff to make sure the right software is installed based on your usage, the phones you use, and the kind of mobile operating system you are using.

Knowledge Is Power With Protecting Your Business

Your company’s Internet security is only as good as its weakest link. This is why you need to do what you can to educate your work staff so they know how to avoid these kinds of SMS phishing scams. If your employees have company phones, a hack on the phone may result in the ability to infiltrate your company’s network. This is just as bad as making it through the computer system (in fact, it is often easier to hack a network via a smartphone as smartphones do not always have the same kind of protective firewalls in place).

Beyond educating your staff, though, you do need to do what you can to protect your entire network, data servers, computers, and all other technology you use that’s connected to the Internet. The best way to do this is with the help of a dedicated IT service provider, such as our team here at Charlotte IT Solutions. Big or small, old or young, it doesn’t matter what kind of business you own, we’re here to help. So give us a call or send us an email today.