Heard this story? At least 2 million people received an email from Walmart, saying that the order just placed by them was being processed. Several people clicked on the link provided in the mail, and unintentionally downloaded malware onto their desktop or laptop.
Quick FactAccording to PEW Internet & American Life Project, in May 2010, 72% adults texted on a daily basis, receiving a median of 10 texts per day.
That was not a one-off incident. It has happened before, several times. Email phishing is quite common nowadays. Typically, a phishing email intends to seek out financial information about the person who receives the email. But that was yesterday's news. Today, SMiShing attacks are making headlines. SMiShing is the SMS variant of phishing, where the cyber criminal uses the short messaging service, instead of an email, to bait the target.
Think Before You Click
In the cyber age, when we all have varying degrees of nomophobia (fear of being away from one's mobile phone), text-based phishing scams are not surprising. There are numerous types of scams that are devised to part you from your money. SMiShing is one of them. The only distinction is, you are more likely to click on the devious link provided by the scammer via an SMS.
You are always on the move. Your phone goes with you, wherever you go. If suddenly, your bank warns you through a text message to verify your account details or your debit card will expire, it makes sense to click on the link and verify it, right? Wrong. When you think of it for a minute, you will realize no bank will ask for your personal information via SMS. Similarly, winning a product or free trip is too good to be true. If the offer is genuine, they won't give away stuff so easily.
The U.S. Department of Justice (DOJ) issued three simple steps to avoid such frauds - Stop, Look, and Call.
Stop - Before you get hyper about a phishing SMS that will give you an exciting or alarming news, you need to stop. Period. Such SMSes work on the harried mind, and want an immediate reaction from people. Statistics say that most people check their phone inbox within 15 min of receiving a text message. By controlling the impulse of replying instantly, you can save yourself a lot of trouble.
Look - Generally, phishers are known to use compromised phones. That makes it difficult for the service provider to block the text messages, as they seem to originate from a trusted domain. It has been observed that most phishers are not really well-read. They may invariably use wrong grammar or even misspell the company's name. Such blunders are not expected from reputed banks, or any company, for that matter.
Call - As soon as you get a text message from your bank or online shopping account to verify your personal details, you need to call the bank's helpline number to confirm whether the message was genuine. While you are on the call, also get the details of the "grand offer" you got through the SMS. Most probably, your doubts about the authenticity of the text message will get confirmed, and you can take a deep breath, knowing you just dodged a bullet.
Solution - Cyber criminals are quite smart. They are known to even hijack the site of authentic sources. Whenever you receive a message that urges you to act immediately and reveal your personal details, don't reply. Not even with a "no" or "stop", as it will alert the scammers that this is an active phone number. You can forward the text to 7726, which is SPAM spelled on the keypad. If you are worried about the increasing threat of cyber crime, you can always setup a Text Alias feature, that will allow your phone to display an alias on outgoing calls, instead of the phone number. This way, you can reduce the chances of getting 'victimized' through SMiShing.
Since smishers send text messages to a large number of people, they use texts via an internet text relay service, in order to hide their true identity. Some cell phone service providers and phone companies allow you to enable a feature which will block texts originating from the Internet.
Since the dependence of cell phone has increased to an astronomical level, it is best to add security software to your cell phone.