What is Smishing?
Smishing is simply another delivery method for a phishing scam that would traditionally be delivered via e-mail, the difference with smishing is this scam is delivered via SMS/Text Message.
Smishing activity in the last couple of years has increased greatly for numerous reasons, but primarily because more people are inclined to trust an SMS so the fraudsters get a higher click rate on they’re scam sites.
There are a few techniques used to build this trust and increase the chances of someone believing the messages is genuine, which is definitely worth being aware of.
Fig.1 below we see a common tactic of using current events such as the Covid19 Pandemic to gain peoples attention and feed off of uncertainty.
Fig.2 Is a classic use of using short URL services to hide the true website address. There are many legitimate companies that contact customers making use of there types of URL services, which only leads to further confusion by the recipient.
In both Fig.1 and Fig.2 we observe a technique known as SMS Spoofing, This is basically where the Fraudster changes the sender ID to appear to come from anyone they wish. In both examples rather than a telephone number, you see the name of the targetted organisation the frausters are trying to mimic. In some cases they can actually mimic the official sender ID of the organisation, this will then place that message in the same message thread of offical messages you may have received earlier, further adding to the confusion of its legitamacy.
With the above techniques used, and the fraudulent websites looking almost identical to the offical web pages, its easy to see why so many people unwitently fall victim to these scams. With many organisations targetted such as below.
What happens Next?
End goal for the fraudsters is obviously to make money, Once the victim data is compromised, The fraudsters will generally look at either going straight to making use of the stolen credentials, or trading these details online. A misconception is that this is all done on the “Dark Web”, in some cases that is true but more often than not, these trading sites are easily accessible as on the clear web and as easy to find as BBC News.
If you receiveone of these messages I would recommend on the first instance, to report this to the UK Spam Reporting Service, by forwarding the SMS to 7726. Here various organisations will be able to respond and take appropriate steps to remove the site. It’s also recommended to take a look at official NCSC advice found here.
This was a basic post to explain what Smishing is and what happens to your details. In future posts i will go into more detail around how the sites operate and what can be done as an organisation to detect and protect your brand.