Look Out, There’s SMS Phishing About

SMS Phishing scam

 

SMS Phishing is fast becoming one of the most common forms of threat – even more so than fake apps.

You might think that in the scale of things, SMS scams as a cyber threat is a bit old school, but that’s what makes them so darn clever. You are constantly reminded about looking out for fake apps, dodgy emails and unsecured websites but what happens if you get a text telling you you’ve won a product?

The chances are because it’s not an email, you would be drawn in. The fake URL contained within the message proves too tempting, and you click – after all, what harm could it do? It’s only a text.

The problem is that one click will unleash malware on your smartphone.

Don’t get caught out

It pays to be vigilant whether using your PC, tablet or phone. To help you stay safe here are a few things to watch out for, courtesy of BullGuard:

  • Don’t click on messages from unknown sources that contain links
  • Don’t reply to any messages that ask about your finances
  • If the text demands a quick reply, ignore it, it’s probably a smishing attempt
  • Don’t call back a number associated with a text that has arrived ‘out of the blue’
  • If the message starts: “Dear user, congratulations, you have won” (or something along those lines) it’s a scam
  • If the message purports to be from a long lost friend, it’s a scam

To be on the safe side, here at MPM we recommend you protect your devices with a product like BullGuard (others are available).

Above all, stay vigilant and stay safe.

 

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: BullGuard

Don’t Fall Victim to SMiShing

Phishing

SMiShing is the text version of email phishing.

Research recently carries out by McAfee Labs has identified an active SMiShing campaign targeting iPhone users.

It goes like this:

  • You receive a text message telling you your account has been temporality locked and a ‘helpful’ link to click on to unlock your account
  • Of course, clicking the link takes you to a site full of warnings about the impending closure of your Apple account
  • Another link then takes you to a counterfeit Apple ID login
  • The information you enter here (i.e. your Apple ID and password) is collected by the cybercriminals and used to gain access to your Apple account

Not good.

You’ve got used to being on your guard against bogus emails, now you have to apply the same thinking to text messages.

As a general rule, if it sounds dodgy it probably is. If unsure, open a your browser and make your own way to the Apple account login page and see if you have any messages there.

A guide to spotting SMiShing

It’s highly unlikely this Apple scam will be the only SMiShing attack out there, so here are a couple of things to remember.

1: How they contact you

Since you bought your iPhone you’ve probably had to re-enter your iCloud or Apple ID password for various reasons. When needed, you’ve never been asked to by text message. Pop-up is the standard method Apple use, so be suspicious of any text message that asks for your Apple credentials.

2: What they look like

These forms of attack are sent out in huge quantities so, to save time, the cybercriminals use code from a previous attack. When this happens you see things like standard email fields of “from,” “subject” and “message,” giving a clear indication that you should be suspicious – after all, when was the last time you received an text message with a subject line?

The best advice we can offer (as always) is be on your guard and if something looks odd it probably is.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.