{"id":29089,"date":"2019-09-16T06:00:24","date_gmt":"2019-09-16T12:00:24","guid":{"rendered":"https://www.webroot.com/blog/?p=29089"},"modified":"2020-07-30T14:06:57","modified_gmt":"2020-07-30T20:06:57","slug":"smishing-explained-what-it-is-and-how-you-can-prevent-it","status":"publish","type":"post","link":"https://www.webroot.com/blog/2019\/09\/16\/smishing-explained-what-it-is-and-how-you-can-prevent-it\/","title":{"rendered":"Smishing Explained: What It Is and How to Prevent It"},"content":{"rendered":"\n<p>Do you remember the last time you\u2019ve interacted with a\nbrand, political cause, or fundraising campaign via text message? Have you\nnoticed these communications occurring more frequently as of late? <\/p>\n\n\n\n<p>It\u2019s no accident. Whereas marketers and communications professionals can\u2019t count on email opens or users accepting push notifications from apps, they\u2019re well aware that around <a href=\"https:\/\/www.campaignmonitor.com\/blog\/email-marketing\/2019\/01\/roi-showdown-sms-marketing-vs-email-marketing\/\">98% of SMS messages are read within seconds<\/a> of being received<\/p>\n\n\n\n<p style=\"text-align:center\"><strong><a class=\"inline-cta\" href=\"https:\/\/mypage.webroot.com\/types-of-phishing.html?sc=7013i000000cfudAAA\">Phishing has evolved. Learn all the ways hackers are angling for your data with our 11 Types of Phishing eBook.<\/a><\/strong><\/p>\n\n\n\n<p>As with any development in how we communicate, the rise in brand-related text messaging has attracted scammers looking to profit. Hence we arrive at a funny new word in <a href=\"https:\/\/www.webroot.com\/us\/en\/resources\/glossary\/what-is-smishing\">the cybersecurity lexicon<\/a>, \u201csmishing.\u201d Mathematical minds might understand it better represented by the following equation:<\/p>\n\n\n\n<p style=\"text-align:center\"><strong><em>SMS + Phishing = Smishing<\/em><\/strong><\/p>\n\n\n\n<p>For the rest of us, smishing is the act of using text\nmessages to trick individuals into divulging sensitive information, visiting a\nrisky site, or downloading a malicious app onto a smartphone. These often\nbenign seeming messages might ask you to confirm banking details, verify\naccount information, or subscribe to an email newsletter via a link delivered by\nSMS. <\/p>\n\n\n\n<p>As with phishing emails, the end goal is to trick a user\ninto an action that plays into the hands of cybercriminals. Shockingly,\nsmishing campaigns often closely <a href=\"https:\/\/community.webroot.com\/tech-talk-7\/psa-follow-these-tips-to-avoid-charity-scams-in-the-wake-of-hurricane-florence-328939\">follow\nnatural disasters<\/a> as scammers try to prey on the charitable to divert funds\ninto their own pockets.<\/p>\n\n\n\n<h2>Smishing vs Vishing vs Phishing<\/h2>\n\n\n\n<p>If\nyou\u2019re at all concerned with the latest techniques cybercriminals are using to\ndefraud their victims, your vocabulary may be running over with terms for the\nnewest tactics. Here\u2019s a brief refresher to help keep them straight.<\/p>\n\n\n\n<ul><li><strong>Smishing<\/strong>,\nas described above, uses text messages to extract the sought after information.\nDifferent smishing techniques are discussed below.<\/li><li><strong>Vishing<\/strong> is when a fraudulent actor calls a victim\npretending to be from a reputable organization and tries to extract personal\ninformation, such as banking or credit card information. <\/li><li><strong>Phishing<\/strong>\nis any type of social engineering attack aimed at getting a victim to\nvoluntarily turn over valuable information by pretending to be a legitimate\nsource. Both smishing and vishing are variations of this tactic. <\/li><\/ul>\n\n\n\n<h2>Examples of Smishing Techniques<\/h2>\n\n\n\n<p>Enterprising scammers have devised a number of methods for\nsmishing smartphone users. Here are a few popular techniques to be aware of:<\/p>\n\n\n\n<ul><li><strong>Sending a\nlink that triggers the downloading of a malicious app. <\/strong>Clicks can trigger\nautomatic downloads on smartphones the same way they can on desktop internet\nbrowsers. In smishing campaigns, <a href=\"https:\/\/www.webroot.com\/blog\/2018\/05\/01\/smishing-sms-phishing-scam-users-via-text-messages\/\">these\napps are often designed to track your keystrokes<\/a>, steal your identity, cede\ncontrol of your phone to hackers, or encrypt the files on your phone and hold\nthem for ransom.<\/li><li><strong>Linking\nto information-capturing forms. <\/strong>In the same way many email phishing\ncampaigns aim to direct their victims to online forms where their information\ncan be stolen, this technique uses text messages to do the same. Once a user\nhas clicked on the link and been redirected, any information entered into the\nform can be read and misused by scammers. <\/li><li><strong>Targeting\nusers with personal information.<\/strong> In a variation of <a href=\"https:\/\/www.webroot.com\/us\/en\/resources\/glossary\/what-is-spear-phishing\">spear\nphishing<\/a>, committed smishers may research a user\u2019s social media activity in\norder to entice their target with highly personalized bait text messages. The\nend goal is the same as any phishing attack, but it\u2019s important to know that\nthese scammers do sometimes come armed with your personal information to give\ntheir ruse a real feel.<\/li><li><strong>Referrals\nto tech support.<\/strong> Again, this technique is a variation on <a href=\"https:\/\/www.webroot.com\/blog\/2018\/05\/10\/tech-support-scams-from-bad-to-worse\/\">the\nclassic tech support scam<\/a>, or it could be thought of as the \u201cvish via smish.\u201d\nAn SMS message will instruct the recipient to contact a customer support line\nvia a number that\u2019s provided. Once on the line, the scammer will try to pry\ninformation from the caller by pretending to be a legitimate customer service representative.&nbsp; <\/li><\/ul>\n\n\n\n<h2>How to Prevent Smishing<\/h2>\n\n\n\n<p>For all the conveniences technology has bestowed upon us,\nit\u2019s also opened us up to more ways to be ripped off. But if a text message\nfrom an unknown number promising to rid you of mortgage debt (but only if you\nact fast) raises your suspicion, then you\u2019re already on the right track to\navoiding falling for smishing. <\/p>\n\n\n\n<p>Here are a few other best practices for frustrating these\nattacks:<\/p>\n\n\n\n<ul><li>Look for all the same signs you would if you were concerned an email was a phishing attempt: 1) Check for spelling errors and grammar mistakes, 2) Visit the sender&#8217;s website itself rather than providing information in the message, and 3) Verify the sender&#8217;s telephone address to make sure it matches that of the company it purports to belong to.<\/li><li>Never provide financial or payment information on anything other than the trusted website itself.<\/li><li>Don&#8217;t click on links from unknown senders or those you do not trust<\/li><li>Be wary of &#8220;act fast,&#8221; &#8220;sign up now,&#8221; or other pushy and too-good-to-be-true offers.<\/li><li>Always type web addresses in a browser rather than clicking on the link.<\/li><li>Install a mobile-compatible antivirus on your smart devices.<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image\"><a class=\"banner-cta\" href=\"https:\/\/mypage.webroot.com\/types-of-phishing.html?sc=7013i000000cfudAAA\"><img decoding=\"async\" loading=\"lazy\" width=\"850\" height=\"300\" src=\"https:\/\/blog-en.webroot.com\/wp-content\/uploads\/2020\/07\/29130009\/Pillar-Content-Banners-11TypesOfPhishing-mockup.jpg\" alt=\"\" class=\"wp-image-30235\" srcset=\"https:\/\/blog-en.webroot.com\/wp-content\/uploads\/2020\/07\/29130009\/Pillar-Content-Banners-11TypesOfPhishing-mockup.jpg 850w, https:\/\/blog-en.webroot.com\/wp-content\/uploads\/2020\/07\/29130009\/Pillar-Content-Banners-11TypesOfPhishing-mockup-300x106.jpg 300w, https:\/\/blog-en.webroot.com\/wp-content\/uploads\/2020\/07\/29130009\/Pillar-Content-Banners-11TypesOfPhishing-mockup-768x271.jpg 768w, https:\/\/blog-en.webroot.com\/wp-content\/uploads\/2020\/07\/29130009\/Pillar-Content-Banners-11TypesOfPhishing-mockup-800x282.jpg 800w\" sizes=\"(max-width: 850px) 100vw, 850px\" \/><\/a><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>Do you remember the last time you\u2019ve interacted with a brand, political cause, or fundraising campaign via text message? Have you noticed these communications occurring more frequently as of late? It\u2019s no accident. Whereas marketers and communications professionals can\u2019t count on email opens or users accepting push notifications from apps, they\u2019re well aware that around [&hellip;]<\/p>\n","protected":false},"author":31,"featured_media":29093,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3005],"tags":[21942,21913],"yst_prominent_words":[3493,24929,3557,4797,15203,4431,6675,4009,3539,11051,22119,24931,24935,8709,17521,4269,22113,22105,24933,24927],"acf":[],"_links":{"self":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/29089"}],"collection":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/comments?post=29089"}],"version-history":[{"count":8,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/29089\/revisions"}],"predecessor-version":[{"id":30335,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/29089\/revisions\/30335"}],"wp:featuredmedia":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media\/29093"}],"wp:attachment":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media?parent=29089"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/categories?post=29089"},{"taxonomy":"post_tag","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/tags?post=29089"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/yst_prominent_words?post=29089"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}