Emails are a quick and easy way for cybercriminals to phish for your information—but it’s not their only tool. Smishing, or SMS Phishing, is another way the bad guys try to trick you. Many of us are used to receiving legitimate promotions, reminders, and security notifications via text message. These messages—both real and fake—are brief and often include links, so it can be difficult to spot a smishing attempt.
One recent example involves scammers posing as your local postal service while sending malicious text messages as part of their smishing attack. The message claims that you have a package waiting for pick up, but to see more information you must click the link in the text. If you click the link, you’re taken to a phony verification page. Here, you’re asked to enter your banking information in order to verify your identity. If you provide any information on this page, your data is sent directly to the cyber criminals—giving them full access to your bank account. Don’t be fooled!
Here’s how to stay safe from this smishing attack:
- Think before you click. Are you expecting a package? Is this how the postal service usually handles things? Consider anything out of the ordinary a red flag.
- Never trust a link in an email or text message that you were not expecting. Instead of clicking the link, open your browser and type the official URL of the website you wish to visit.
- Go old school. Pick up the phone and call your local post office. Be sure to call their official phone number—not the one that sent you the suspicious text message.
Stop, Look, and Think. Don’t be fooled.
KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.
DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.