Yet Another Phishing Expedition: “Smishing” – What Is It?

November 13, 2019
Insights from Access Tech

Network Breaches Brought On By Smishing Can Bring Your Business Down

Smishing may sound like a funny word but it is actually a very serious threat to anyone who simply receives a suspicious text. This text relies on social engineering to trick someone into revealing their personal information. These texts, via links within them, use anxiety-provoking terms like “security department,” “unusual activity detected in your account,” or “for security purposes.” They want your attention. Ironically, they want you to react impulsively, just in trying to protect yourself.
This threat is growing and evolving. Smishing can lead to serious network threats when users click on the text’s link. This action causes the application the smisher uses to do something as simple as depositing an infected file for someone to find. That’s all it takes. Texting has become the norm and people are not used to being tricked by a text. Hackers know that and use smishing by taking advantage of the comfort, safety, and convenience text messages represent in our culture.

What Can You Do?

As consumers, it is up to all of us to do our due diligence and always ignore these attempts. Ideally, your next step should be to investigate the source by using whatever info they provided in their attempt at baiting you. Any simple information like a contact phone number, an email address, etc., can be entered into your search engine and will yield some kind of results about who they are. It is also important that this attempt be reported. You can report it. The more reports made, the higher the chances the Smisher will fail, and hopefully have legal consequences. As a rule, never provide personal data like PINs, passwords, social security numbers, or account numbers via these requests.
These smishing attempts infect businesses as well. Smishing can serve as a battering ram into any network if these links are clicked. MSPs must take a holistic approach to cybersecurity by being aware of these threats, coming from any possible source. MSPs can do a lot just by raising awareness. They need to be on guard and continually assist their customers in updating all Bring Your Own Device (BYOD) policies. Deploying an MDM solution or maintaining a separate network for non-managed devices, is highly recommended by those experienced in dealing with these occurrences. MSPs can facilitate this for you.
Contact Access Tech today if you would like more information.

For more insights on this topic: