With October being Cybersecurity Awareness Month, we wanted to close the month with some cyber tips to protect yourself and your business against cybercriminals. When we think of cyberattacks, we often overlook our mobile devices. Think again! Attackers are increasingly targeting users through their mobile devices with smishing attacks, a type of phishing attack through SMS messaging. This trend comes as companies and their employees increasingly rely more on mobile devices for business.
One type of scam involves a cybercriminal who sends you a text message impersonating the postal service. The text contains a link and says that your package can’t be delivered until you provide additional information. If you tap the link, you’ll be taken to a spoofed postal service website that prompts you to enter your credit card details so your package can be delivered. If you enter your credit card details, cybercriminals could steal your personal information and potentially hack into your bank account and steal your money.
Another similar type of smishing scam is when a cybercriminal sends a text pretending to be a bank. The message says that a security issue needs to be resolved and will prompt you to click a link to your bank’s login page. This page looks legitimate, but it’s actually a spoofed page that records your keystrokes. If you enter your bank login information, cybercriminals will use this information to hack into your bank account.
Here are some tips to help keep you safe from these types of scams:
- Never tap a link in a text message that you weren’t expecting. Cyberattacks are designed to catch you off guard and trigger you to open links impulsively. Always keep your guard up and use common sense when getting any kind of suspicious text!
- Never enter your bank login information or payment information from a link in a text message. Instead, navigate directly to the organization’s official website.
- Remember that this type of attack isn’t exclusive to postal services or banks. Cybercriminals could use this technique to impersonate any organization.
Protecting yourself, your employees, and your business against cyberattacks is critical as cybercriminals find new and creative ways to look for vulnerabilities. It is important to implement appropriate security controls and educate and train your employees against potential threats such as smishing.
