Smishing is a form of phishing that uses mobile phones as an attack the platform. The criminal carries out the attack with the intention of collecting personal information, including social security and/or credit card numbers. Smishing is implemented via text messages or SMS, giving the attack the name “SMiShing”.
Smishing attacks use short messaging services, or SMS, better known as text messaging. This form of attack is growing in popularity as people are more likely to trust a message that arrives on their phone via a messaging app than a message that is delivered via emails.
Although many victims don’t equate phishing scams with personal text messages, the truth is that it’s easier for attackers to find your phone number than your email address. There are a limited number of phone number options – in the US a phone number is 10 digits.
How a smishing attack works
A smishing attack doesn’t take much. All a hacker needs to do is set up a specific target and have some technology handy. Smishing attacks typically involve the use of social engineering attacks. Now let’s look at how a smishing attack works.
The cyber attacker finds a target and then sends an SMS with a fake number to the target. Typically, the number and message contained in the text look so legitimate that they trick the victim into believing that the message and the sender are real. Smishing attackers will even go so far as to research their targets so they have adequate knowledge of their targets. You pretend to be a company or financial institution. Your targets will find it easy to believe them.
How to Prevent Smishing?
To deal with it, you can try these simple but effective methods:
Don’t reply if the message came from a spam number
Telcos are also aware of this attack and have started to report a number as spam when a number is involved in bulk SMS postings. So if you get an SMS from a spam number, don’t reply to it.
Don’t take immediate actions
Text messages that pretend to take immediate action are mostly smishing attacks. Take the time to check the information if it is a gift or a voucher. Check from trusted sources. For example, if a text message says you have a $1,000 Amazon gift card, contact customer service and verify the information. If the SMS says so, customer support will check.
Use an anti-virus software
Most of the time, people don’t have antivirus program installed on mobile phones. But they should as it will search for harmful links or content on your mobile phone and protect you.