[ad_1]
Have you heard of ransomware? Now you have to worry about “smishing”.
Smishing is a relatively new form of cyberattack that threatens millions of consumers and small businesses around the world. Smishing is a form of “phishing” using SMS or text messages instead of email messages to trick recipients into clicking bogus links that lure them to sites where personal information is exchanged or malware is uploaded to. their knowledge.
Many of my little clients and their employees have seen these messages on their cell phones before. They usually come in the form of text that appears to come from a bank, utility company, government agency (like the IRS), delivery service, or some other apparently credible source. False messages related to Covid testing and contact tracing have also contributed to the rise of this activity.
These messages sometimes ask the recipient to confirm payment information or other financial details. Or recipients are prompted to click a link or answer a question. This type of activity also alerts the hacker that the phone number is credible and active, which then exposes them to receiving malware or compromising their personal information.
How much of a problem is that? In 2020, according to the FBI, this new form of attack cost Americans more than $ 50 million, and those costs are expected to increase dramatically. Cybersecurity firm Proofpoint says mobile phishing attacks in North America increased by more than 300% in the third quarter of 2020 compared to the second quarter. British consumers have seen seven times as many smishing attacks this year alone.
Already, the growing threat is catching the attention of corporate IT managers, mainly due to the ease with which these scams can be carried out through employee smartphones. “It’s much easier to block phishing emails on corporate PCs, but today’s telecommuters now use their personal devices to access corporate applications and data,” Phil writes. Richards, director of security at security software company Ivanti. “And frankly, there just isn’t an easy way to verify the authenticity of URLs on smartphones, so users click often and hope for the best.”
The best way to counter these attacks is to simply be more aware. While businesses such as banks and delivery services may send text messages from time to time, they will hardly ever require customers to respond with personal information.
“No legitimate business, government agency, or organization will ask for data even if they’ve texted or emailed you,” a Better Business Bureau representative told a TV station in Fort Myers, Florida. “So they’re creating this alert to act now, something’s wrong, oh my God, there’s something wrong with my account.” People will click on it. They don’t think and then they will provide the information when asked. The FBI has warned people don’t click on links in text messages; and if you think you or your business has been the target of a smishing scam, file a report on ic3.gov.
If you’re running a small business, here’s my advice: step up training for your employees. Use an external IT company or online products that test security awareness like KnowBe4 and PhishLabs. Make sure your coworkers can recognize suspicious messages. And check your bank accounts frequently to make sure there’s no unexpected activity. Ultimately, business owners will have to rely on the common sense of their employees to notice and avoid these kinds of scams.
“It’s the best thing,” said Amanda Williams, vice president of payment and remote services at GECU, a Texas-based credit union, in another report. “If that doesn’t sound right, it’s more than likely a fraud. “
[ad_2]
Source link