Have you ever received a text message that claimed to be from your bank, Central Bank or Police, asking you to click on a link or call a phone number to verify or re-activate your frozen account? If your answer is yes then you may have been targeted by a smishing scam.
What is smishing? In a nutshell, smishing (a combination of the terms “SMS” and “phishing”), is a form of phishing where you are essentially tricked into giving someone your personal data via a SMS message, which then can be used to steal your account details and money.
In recent years, smishing has become an increasingly common cyber threat, and this trend has gained momentum during the Covid-19 pandemic as people spend more time on their mobile phones. What makes this type of scam more dangerous is the fact that it is not detected as easily as phishing due to its mode of delivery as mobile phones don’t typically filter out suspicious texts.
If you are suspicious of a phishing email sent to you, the first thing you would do is check the email address to see if it is fraudulent. However, with smishing scams, it’s not as easy to recognize the signs as the message can appear to come from a trusted source or company.
What does a smishing scam look like?
Smishing scams often target customers of familiar companies and establishments. Earlier this year, several people in the UAE received text messages that purport to be from Central bank or CID/Police. The text message was encouraging customers to update their EID or their accounts will be closed. Customers were asked to call on the number provided in the text message to avoid blocking the account. This is an example of fraudulent notifications.
Several people in the US received text messages that purport to be from FedEx about pending deliveries, yet were actually fraudulent notifications. The text directed the users to click on a link to track their packages that enabled malware to be downloaded onto mobile devices.
Another recent smishing campaign enticed people to complete a survey where they were asked to provide credit card details to earn rewards and prizes on behalf of Amazon. The victims were later charged monthly for services that they unknowingly subscribed to.
Some scams of these nature can prove to have dire financial consequences for customers.