Hackers Gone Smishing: How to Stop Spam Texts

What is a Smishing Attack?

Cybercriminals are constantly finding new ways to scam users out of their personal information. One current attack method is called “Smishing.” Smishing is sending spam text messages, pretending to be from reputable companies, to trick users into sharing private data, such as credit card numbers, banking information, and social security numbers. Just as phishing lures users into clicking on embedded links in emails, smishing applies similar hacking techniques to text messages.

Smishing Scams

Here are some examples of the most common smishing text messages:

• “Good day. Your FedEx package code LX-509pc.319-P is ready to ship. Please set your delivery preference by clicking here>>> blv446.pref.fed.278g5”
• “Congratulations, Tom! The transaction number of your last receipt with us was randomly selected to receive a $5000 Walmart gift card. Click here to claim your prize! DOP-L432-5000.pref.fed.278g5”
• “YOUR CARD HAS BEEN PUT ON HOLD! Please call 1 (869) 222-0045 and follow the voice prompts to resolve this matter.”
• “WARNING! The High Crimes Division of the FBI has referred you for criminal prosecution. If you do not click on the following link within 24 hours from receipt of this message, we will be forced to contact your local police to issue an arrest warrant. CLICK HERE to avoid prosecution!”

The above is just a small sampling of the thousands of types of smishing attacks being launched every day. It is easy to see how users receiving such texts could be easily fooled and prompted to click without first analyzing the source of the messages.

Did you ever receive a delivery of a package you know you didn’t order? Or maybe you’ve received monthly subscriptions for things you feel certain you never ordered. Many smishing scams are minor. However, even relatively benign spam texts can lead to more spam texts. Because when you click on the embedded object, you are confirming your phone number is active and, therefore, a target. However, with the increase in mobile work and the addition of smart devices, many smishing scams can have consequences significantly more devastating than getting a new watch you never ordered.

How to Stop Spam Texts

Every endpoint device in your SMB’s network can be attacked simply by an unsuspecting user clicking on an embedded link or phone number in a spam text. Therefore, device security is essential for every endpoint in your network.

The two primary methods for reducing or stopping unwanted suspicious spam texts are blocking the contacts or using filters to filter unknown senders:

• On an iPhone – Open the suspicious/unknown sender text and click on the arrow next to the contact or phone number. Next, click on the gray “Info” button. Then, click the blue info button and scroll down to “Block This Caller.” This operation will block that specific number from texting or calling you.
• On an Android – For most androids, start by opening the messaging app. Next, tap on the three-dot menu in the upper-right corner of the window. Then, tap "Details" and then "Block Contact.” Some Android phones, such as Samsung Galaxy phones, have a "Block" option as part of the three-dot menu.

In addition, iPhone users can automatically stop unwanted texts by opening “Settings,” scrolling down to “Messages” and clicking on “Filter Unknown Senders.” This option will not delete the message. Instead, it will mark and isolate the message as “Potential Scam.” You can then review the number and decide it is safe to open.

To automate stopping unwanted texts on Androids, open the Messaging app and click on the three-dot menu to find and open “Settings.” Next, click on “Spam Protection” and then “Enable Spam Protection.”

Device Security

Do not wait for a cyberattack to address device security. Businesses are constantly adding new connected devices, and each one is a potentially vulnerable endpoint that must be locked down before an attack. Every device you add to your business network widens the target landscape for cyberattacks. Therefore, it is essential to hire cyber security experts to provide a thorough cyber risk analysis of your entire system and network to ensure you have appropriate protections in place. SMB’s cannot waste time worrying about whether or not their company data is adequately protected. They must be able to operate their business with the confidence that they have appropriate cyber security layers in place.

DIGIGUARD Cyber Security Knows How to Best Protect Your Business Data

DIGIGUARD, specializing in preventing cyber threats, has a wide array of solutions to protect against cybercrimes. It works with small and midsized businesses to establish cyber security best practices to ensure their confidential data has the best protection possible and that all network users are on the same page. “Think before you click” must become a company-wide security mantra. Many companies bound by strict compliance and privacy laws such as law firms, medical practices and financial service institutions cannot afford data breaches of any kind. For any business, cyberattacks can have crippling consequences. DIGIGUARD can assess your cyber risks and work with you to ensure you have the best protection solution for your business.

Call DIGIGUARD CYBER SECURITY at 833-33-CYBER (833-332-9237) and visit www.DIGIGUARDsecurity.com to increase your level of cyber security and lock down your SMB’s hard-earned data.