Categories: Technology

What in the world is smishing?

Cybersecurity experts are raising alarms about “smishing,” a unique form of phishing that attempts to deliver malicious links or infected applications to cell phones via text or SMS messages.

The challenge with these types of cyberattacks is that a text or SMS message cannot be authenticated beyond the phone number it’s sent from. Hackers have started using new tools that allow them to send legitimate-looking SMS messages from spoofed or stolen telephone numbers.

A recent text-based scheme targeting Android devices purports to be from a delivery company like UPS or FedEx. When unsuspecting users click the supposed package tracking link included in the message it installs a malicious app that can steal banking credentials and other personal information.

Adding to the challenge is the fact that text messages aren’t nearly as easy to track and prevent as, say, malicious emails. URL (Uniform Resource Locator) links sent via text or SMS message are more difficult to inspect for security issues without completely loading the web page the link points to.

Often, these links will be shortened to an innocent-looking address that can be difficult to determine where it will take you. As an example, the link https://rb.gy/gf7ni7, will actually take you to my company website  https://cmitsolutions.com/se-wisconsin/. 

But hackers can easily use these shortened addresses or change a character to point somewhere illicit. In addition, one of my favorite ways to check for bad links in browsers … mobile users can’t hover over a message-based web link to see where it actually points, which means smishing attempts delivered via text or SMS message require extra attention.

Cybersecurity experts at CMIT Solutions echo the following recommendations from the federal Cybersecurity and Infrastructure Security Agency (CISA) to combat smishing schemes:

Only download applications from official stores, such as the Android Play Store or Apple App Store

Take this security check a step further by scanning the name and description of any app before downloading it — look for misspellings, grammatical mistakes and other telltale signs of any problems. Also, read app reviews carefully to see if they seem like real people wrote them. If you see multiple five-star reviews composed with misspellings, poor grammar and improper syntax — or worse, no reviews at all — use caution.

Beware of unsolicited texts that use high-pressure tactics

These can include urgent prompts like “Don’t let your account lapse!” or “Are your funds safe?” along with more benign push notifications like the previously mentioned package tracking link. Legitimate websites will typically also message you inside their website. When in doubt, visit a company’s website by typing in its URL address and then check your messages and notifications there.

Be even warier of text messages that ask you to enter information

It should go without saying that any request for financial information, login credentials, or private details should be ignored and deleted. Don’t be tempted by “something for nothing” messages or other too-good-to-be-true offers.

Think you’ve accidentally clicked a malicious link?

Quit all applications immediately and power your device off. If your phone seems to be working fine when you restart it, log out of any accounts that were open when you clicked the malicious link, and DO NOT log back in on your mobile device. Instead, log in to the account on a desktop or laptop computer to review recent activity and look for any suspicious behavior.

Consult with a trusted IT provider to discuss cybersecurity and security awareness training for mobile devices

Small and mid-sized businesses can consult with a local IT solution provider like CMIT Solutions in SE WI. Most professional IT solution providers can offer comprehensive managed IT services that automatically deploy security patches and software updates for mobile and desktop machines, maintaining a constant watch on day-to-day operations and Internet traffic. These kinds of solutions help keep devices running and employees working while strengthening cybersecurity protection for all types of apps and devices.

Smishing, adds to the list of countless other cybersecurity threats like phishing and spearfishing. These threats can create serious problems for business owners and employees concerned about the integrity of their systems and critical data. At CMIT Solutions of SE WI, we go the extra mile to keep your laptops, mobile devices, and desktop computers safe from scammers, spammers and digital criminals of all types.

If you want to prevent smishing and other IT issues, contact CMIT Solutions today. We keep track of digital threats and proactively protect your business, your employees, your data and your devices.

Mark Hoffmann

A leader in the IT industry for nearly three decades, Hoffmann has helped small and large businesses take advantage of technology to better serve their customers and employees. Hoffmann is owner of CMIT Solutions of SE Wisconsin. https://cmitsolutions.com/kenosha-wi-1018/about/

Recent Posts

New York Times bestselling author JENEVA ROSE coming to Kenosha!

KENOSHA – Blue House Books is thrilled to host NYT-bestselling author Jeneva Rose in Kenosha…

1 day ago

5 Ways to Support Small Businesses During the Holidays

The holiday season offers a wonderful opportunity to support small businesses. From shopping locally to…

1 day ago

Community State Bank’s Annual Gift2Giving Campaign Tops $15,000

Seventeen Local Nonprofits Set to Receive Donations

1 day ago

‘True heroes’: Kenosha deputies awarded Carnegie Medal for heroic Lake Michigan rescue

Two Kenosha County sheriff's deputies were honored with a Carnegie Medal, one of the nation’s…

2 days ago

Unifying Voices, Amplifying Impact: United Way of Kenosha County Raises Over $20,000 at Live UNITED Spectacular Gala!

Kenosha, WI – November 20 – United Way of Kenosha County’s annual gala, The Live…

2 days ago

Uniquely Wisconsin Video on Kenosha Comets Wins Emmy Award: Kenosha County’s “Field of Dreams: AAGPBL 80th Reunion” Recognized

Uniquely Wisconsin has received an Emmy Award for a story featuring Kenosha County’s “Field of…

2 days ago

This website uses cookies.