What the Heck is ‘Smishing’?

If your anything like me your phones become an integral part of managing your day-to-day life both personally and professionally.  In many ways this has improved both the ease of accessing many vital services like banking, while also helping to secure them with technologies like multi-factor-authentication (MFA). Its hard to beat the convenience of looking up a product review, ordering it and receiving it as early as that day, and most of the time it’s smooth sailing. Unfortunately, as with all good things there’s a lot of room for malfeasance here and enterprising criminals have been quick on the uptake.

While most of the text messages (or Short Message Service ‘SMS’ if you want to be technical) you receive are probably legitimate, chances are you’ve gotten a few like this too:

Now I love winning things as much as anyone, but my complete lack of a Costco subscription was more than enough to tip me off to what was really going on here, a Smishing Attack. ‘Smishing’ like its older brother ‘Phishing’ are communications with a link to an infected site or designed to convince you to share PII or other critical info; Smishing is simply Phishing over SMS instead of E-mail. While many of these are easy enough to notice thanks to grammatical errors or incongruencies like I experienced above, some of them are harder to notice if you’re not on guard.

Smishing attempts like this are often designed to look official and apply to the broadest range of potential victims as possible. Since most of us order packages, we might not think twice before clicking on that link or perhaps a phony tracking number. Unfortunately, that’s all it takes for an adversary to potentially hijack control of your phone and all the data on it, and if you’re a business owner you should consider that every employee of yours is at risk of falling victim to these Smishing attacks which could put your business in jeopardy.

These are real messages I’ve received on my phone and just two of the dozens I’ve gotten in the past couple of years. Please be warry of unsolicited messages and think twice before clicking on any links even if they seem legitimate. If you’re concerned about any messages you’ve received or want to know more about software solutions that could help protect you and your employees from Smishing EMCO technology can help!