‘Smishing’ is a popular form of phishing, increasingly adopted by cyber criminals looking to implement malware or steal sensitive data through convincing links. It’s called “smishing” because it combines the terms “phishing” and SMS (Short Messaging Service). Phishing is traditionally a social engineering attack over email, but smishing takes place over text messaging channels.
Like phishing, victims will receive a text message from a scammer that will appear as a legitimate business or bank requesting personal details.
Victims may receive a link to install an app (that could secretly deploy malware on your smartphone) or a genuine appearing web page that requests details such as:
• Personal information
• Banking details
• Any information that can be sold on to a third party or used for identity theft or online fraud.
These text messages can easily trick users as they may appear to be from a trusted source – butremember, financial institutions will never send a text asking for credentials or the transfer of money.
If you’re unsure, please contact the genuine source for clarification on their communications or report the message as spam.
For further guidance on how you can spot phishing, please contact the NEBRC at [email protected] or sign up to our free core membership to keep up to date with the latest cyber security matters and keep your business safe online.
The NEBRC is a non-profit organisation that aims to educate, inform, and support businesses in the North East, Yorkshire and The Humber by staying protected against cyber threats.