Apr, 2022

Phishing is a technique used by cyber terrorists frequently use to fool users and grab their confidential data. Normally this is done by sending fraudulent attachments or suspicious links (otherwise known as Phishing Links) via email or some kind of message.

The word Phishing is very common nowadays, almost everyone knows about this inimical method of stealing digital identity and assets. Due to its existence for a long period of time, almost everyone using the internet has developed some kind of a defense mechanism against it and are very cautious while opening a link sent through an email. To cope with the changed scenario, the bad guys have also adapted and are trying various newer methods. “Smishing” is one of those methods which have really caught the eyes of a lot of general users as well as experts.    

What is SMiShing

What is smishing?

When smartphones become the primary platform for the spreading of phishing links, that’s smishing. In simple terms, when hackers use mobile text messages to lure people falling into a digital trap, we categorize that as Smishing. Mobile text messages are popularly known as SMS or Short Message Service. That’s how SMiShing gets its name, phishing done via SMS or mobile phones. 

How Is It Harming More

As phishing is around for a long time, people are aware of this malicious mode of cyber crime in general. Moreover, there are built-in spam filters in all of the prominent email service providers. So a large chunk of phishing emails are actually filtered out before they are even opened. 

However, it’s not the same for Sms-phishing. As this is new, people are not that much aware yet, nor the filtering service for spam SMS is a prominent thing either. Many do not even take into consideration the fact that phishing through text messages is even a thing! In addition, everyone has a natural tendency to treat all text messages as innocuous and click any links or follow any instructions given there. As a result, smishing has a better success rate than phishing which is alarming.

Another fact why Smishing is more damaging is, for email addresses, there are almost an infinite number of possibilities. However, a local cell phone number has only digits and usually consists of a certain amount of them. For example, any US phone number is 10 digits. So anyone could type 10 digits frivolously and could end up with a valid phone number. So a hacker can simply send text messages to any number.

Why Smishing is harmful

All these reasons combined make Smishing a very strong potential threat. A report by Gartner shows that as high as 98% of text messages are read and almost half of them get a response. When this is compared with 6% of total email responses, the scenario becomes clear.

Different Kinds of Smishing

Just like there are different types of email phishing scams, there are different types of smishing as well. The primary method for Smishing is definitely the text messaging system. But, nowadays text messages are often replaced by different instant messaging apps. To name a few, Facebook messenger, WhatApp, and Viber are there. More often than not, a cell phone number is tagged along with all these instant messengers accounts. So, it becomes easy for a scammer to scam those apps too. 

Attackers also try to get into the victim’s mind in some specific ways. For instance, they might send a SMS saying the recipient has won a lottery and lure them to click a link. 

Lottery Smishing

In another case, people are always waiting for a delivery from the courier service, so the scammers use some renowned brand name like DHL or FedEx and try to scam general people.

Probably the most common Smising frauds happen in the means banking channel. If not all then most of the people who use online banking services have a mobile phone. As people do not suspect their mobile to be a source of a phishing scam, scammers try to get hold of secret credentials and banking information via this.

Smishing Banking Scam

Such an incident happened with the customers of Bank of Ireland where as many as 300 customers fell victim of a Smishing scam and the bank had to compensate an amount around 800,000 Euros.        

How to Stay Safe From Smishing

Staying safe from Smishing is more of a habit than overnight success. Ensuring safety from these kinds of scams largely depends on the specific person’s consciousness and ability to identify a possible scam and ignore as well as report the message. 

Here are some tips to identify and avoid a potential smishing scam

  • All the potential scams have something in common, “If it is too good to be true, probably it is”! If the offer or claim in the message is unbelievable or unrealistic, you should better avoid it! 
  • As for any banks or financial institutions, they will never ask for your personal information like credit card no, ATM pin or OTPs. If any text message has the slightest hints of asking anything similar, simply report and block that sender. If you have any doubt if it is from your bank or not, contact them directly. 
  • It’s better to completely ignore let alone responding to a number or account which is completely unknown to you.
  • Refrain yourself from clicking any link and submitting any personal info everywhere. Be sure to check thoroughly before doing any such things. 

The Author

Shahriar Rahman

Shahriar is a cybersecurity enthusiastic, computer geek and keen blogger. Writing in various niches for the last five years. Working towards making the internet a safer place for everyone.
Shahriar Rahman
  Leave a Comment