The Financial Times reported that more data was stolen in 2020 than in all of the previous 15 years combined, highlighting how the pandemic has revved up the intentions of cybercriminals.
Fighting data theft is mostly left to big companies, but we as individuals must have our guards up, especially when it comes to phishing emails.
Phishing emails are something most of us are aware of and know pretty well how to spot. In a nutshell, they’re emails sent by criminals wanting you to give personal information away directly or indirectly, by pretending to be a company you may use and getting you to click links to pretend websites and enter passwords.
If in any doubt, ignore them and contact the company directly.
But now there is a new type of scam in circulation. It’s similar to a phishing email and it’s called smishing – and we’re here to give you the details.
What is smishing?
Smishing is a new term to describe phishing attempts that use SMS text messaging instead of emails. It’s a phrase coined by combining the words SMS and phishing. A cybercriminal will send you an SMS pretending to be a company you may use and ask you to click the link in the SMS to confirm details, usually by entering personal information.
If you want examples of some ‘live’ smishing attempts, the short term loans provider Wonga have kindly provided snapshots of some real examples that have been brought to their attention. They’re showing smishing examples to protect their loan customers and raise awareness in wider society. You can see below just how convincing some of these attempts can be:
Smishing can work
There have been BBC reports of smishing attempts in the UK where criminals pretend to be the national post service, namely Royal Mail. These SMS messages tell the recipient that their delivery requires a fee or it will be returned if not paid, prompting many to click the link and enter their card details.
This large-scale smishing attempt has been successful due to more people ordering online due to the pandemic, meaning there is a good chance a recipient is awaiting a delivery. Moreover, Brexit has now meant some people are expected to pay fees when receiving items from abroad. Cybercriminals have used the current situation to make smishing successful.
Why have cybercriminals moved to smishing?
Cybercriminals are moving to smishing because email providers are getting better at filtering spam and phishing attempts. In comparison, mobile phone providers are not yet filtering the messages we receive to our smartphones.
And as mentioned above, the current climate can make smishing lucrative for criminals.
How to protect yourself against smishing
The best way to protect yourself from smishing attempts is to take a better-safe-than-sorry approach. Every time you receive a text message from a supposed company you are using – including banks and HMRC – do not click any links.
Rather, call the company using their registered number and ask if the message is genuine. If not, you’ve automatically reported it and not given away any details. If you click links and give away bank details, call your bank straight away.