Smishing: How does it work and how to avoid it?
Posted: Tue Dec 24, 2024 6:02 am
The development of mobile usage and the sending of marketing SMS has seen the emergence of a new form of scam called smishing . What exactly is this fraudulent practice? How does it work and, above all, how can you protect yourself from it? Find out everything you need to know about smishing in this article.
What is smishing?
Smishing is a criminal practice that involves sending fake text messages to trick users into disclosing sensitive personal information , such as passwords or bank details. Smishing works on the same principle as phishing for emails. However, smishing is more dangerous because users are currently less accustomed to receiving scams by text message. It is a lesser- known practice, which is why we are generally less vigilant about it.
How does smishing work?
The user receives a seemingly ordinary SMS , appearing to come from a known entity such as a bank, a telephone operator, La Poste or even a streaming platform like Netflix for example.
To trap their recipients, scammers pretend to have an urgent problem such as a blocked delivery, unpaid invoices or even a blocked bank account...
The message appears authentic and encourages the recipient to resolve the problem as quickly as possible by clicking on a link.
However, this is actually a download link for malware or redirects the user to an infected website . When the user clicks on the link:
an application can be downloaded and infect the mobile phone;
The mobile user may be redirected to a seemingly legitimate website whose real purpose is to obtain important information .
Typically, bank details are requested in order to proceed to the next step. armenia phone number database If the mobile user "takes the bait", their bank details end up in the hands of cybercriminals .
Here are some examples of common smishing:
you receive an SMS from La Poste warning you that your package is stuck in a sorting center and that you must pay postage for it to reach you;
you receive an SMS from your bank inviting you to download a new application to take advantage of all its new services;
you receive an SMS promising you free training via your personal training account (CPF);
You receive an SMS warning you that your Netflix account has been suspended because your payment method has been removed.
The possibilities are numerous and scammers are competing in imagination to try to trap the greatest number of users.
Also read: GDPR: Customer reminders and consent
How to recognize a fraudulent SMS and how to protect yourself from it?
To identify fake SMS and avoid being scammed, do not click on the link received by SMS or respond to the message when:
the name of the sender is unknown to you or you do not remember giving your telephone number to the sender;
the message contains insistent phrases such as “Urgent”, “Quickly” or even “Congratulations! You are the big winner”;
the phone number seems strange to you and/or comes from abroad.
To avoid falling into the trap, it is important to take some precautions:
Trust your intuition! If in doubt, do not click on the link. You can first do an internet search to see if the sender's number is already associated with a scam. Or contact the company whose name is used in the SMS directly for more information.
First check the authenticity of the site to which the link received by SMS points.
Install antivirus software that includes anti-phishing functionality, or an application specifically developed to combat phishing .
Use a different password for each site and each application.
Opt for two-factor authentication wherever you can.
Do not share any so-called “sensitive” information about yourself via SMS.
Finally, if you think a scammer has accessed your account, contact your bank immediately! They will block your card and advise you on the steps to take to resolve the situation as quickly as possible.
What is smishing?
Smishing is a criminal practice that involves sending fake text messages to trick users into disclosing sensitive personal information , such as passwords or bank details. Smishing works on the same principle as phishing for emails. However, smishing is more dangerous because users are currently less accustomed to receiving scams by text message. It is a lesser- known practice, which is why we are generally less vigilant about it.
How does smishing work?
The user receives a seemingly ordinary SMS , appearing to come from a known entity such as a bank, a telephone operator, La Poste or even a streaming platform like Netflix for example.
To trap their recipients, scammers pretend to have an urgent problem such as a blocked delivery, unpaid invoices or even a blocked bank account...
The message appears authentic and encourages the recipient to resolve the problem as quickly as possible by clicking on a link.
However, this is actually a download link for malware or redirects the user to an infected website . When the user clicks on the link:
an application can be downloaded and infect the mobile phone;
The mobile user may be redirected to a seemingly legitimate website whose real purpose is to obtain important information .
Typically, bank details are requested in order to proceed to the next step. armenia phone number database If the mobile user "takes the bait", their bank details end up in the hands of cybercriminals .
Here are some examples of common smishing:
you receive an SMS from La Poste warning you that your package is stuck in a sorting center and that you must pay postage for it to reach you;
you receive an SMS from your bank inviting you to download a new application to take advantage of all its new services;
you receive an SMS promising you free training via your personal training account (CPF);
You receive an SMS warning you that your Netflix account has been suspended because your payment method has been removed.
The possibilities are numerous and scammers are competing in imagination to try to trap the greatest number of users.
Also read: GDPR: Customer reminders and consent
How to recognize a fraudulent SMS and how to protect yourself from it?
To identify fake SMS and avoid being scammed, do not click on the link received by SMS or respond to the message when:
the name of the sender is unknown to you or you do not remember giving your telephone number to the sender;
the message contains insistent phrases such as “Urgent”, “Quickly” or even “Congratulations! You are the big winner”;
the phone number seems strange to you and/or comes from abroad.
To avoid falling into the trap, it is important to take some precautions:
Trust your intuition! If in doubt, do not click on the link. You can first do an internet search to see if the sender's number is already associated with a scam. Or contact the company whose name is used in the SMS directly for more information.
First check the authenticity of the site to which the link received by SMS points.
Install antivirus software that includes anti-phishing functionality, or an application specifically developed to combat phishing .
Use a different password for each site and each application.
Opt for two-factor authentication wherever you can.
Do not share any so-called “sensitive” information about yourself via SMS.
Finally, if you think a scammer has accessed your account, contact your bank immediately! They will block your card and advise you on the steps to take to resolve the situation as quickly as possible.