Security
/Provident/media/news/news-man-text-worried-lrg.jpg?ext=.jpg
7/10/2023 3:55:37 PM
7.10.23
Smishing Fraud Warning
What is Smishing ?
Smishing is when SMS text messages are used to entice victims to click on a malicious link that either loads malware onto their phone or directs them to a fraudulent website that asks victims to “log in,” thus providing their credentials to criminals. Smishing is similar to phishing scams performed via email, with a key difference being the method used to deliver the malicious link (i.e., via SMS text message). Smishing may also be used to request victims call a number provided in the text message.
How to Identify Threat:
The warning signs for a smishing message are quite like those of a phishing attack and may include:
It is best to report or delete messages you were not expecting from people you don't know. As with email, the best tactic is to not click on a link or call numbers in a message from an unknown party. If you need to contact a company or party after receiving an SMS message, you should contact them using information from a trusted source, such as the company’s own website.
If you do provide log-in information or otherwise fall for a smishing scam, immediately contact companies where accounts may be affected to change your login information and/or add additional login security. Multifactor authentication can also assist with reducing the risk of stolen credentials.
Finally, keep your mobile device software and browsers updated with the latest security upgrades.
Smishing is when SMS text messages are used to entice victims to click on a malicious link that either loads malware onto their phone or directs them to a fraudulent website that asks victims to “log in,” thus providing their credentials to criminals. Smishing is similar to phishing scams performed via email, with a key difference being the method used to deliver the malicious link (i.e., via SMS text message). Smishing may also be used to request victims call a number provided in the text message.
How to Identify Threat:
The warning signs for a smishing message are quite like those of a phishing attack and may include:
- Messages from an unknown number or from a party that has not previously contacted the victim via text message. Criminals may “spoof” phone numbers on smishing messages to make the message appear to be from a legitimate party.
- A sense of urgency, such as a requirement to respond right away to avoid punishment or lose out on a reward.
- Poor English grammar.
- Improperly formatted phone numbers and messages.
It is best to report or delete messages you were not expecting from people you don't know. As with email, the best tactic is to not click on a link or call numbers in a message from an unknown party. If you need to contact a company or party after receiving an SMS message, you should contact them using information from a trusted source, such as the company’s own website.
If you do provide log-in information or otherwise fall for a smishing scam, immediately contact companies where accounts may be affected to change your login information and/or add additional login security. Multifactor authentication can also assist with reducing the risk of stolen credentials.
Finally, keep your mobile device software and browsers updated with the latest security upgrades.