What do you know about SMS & Mobile Phone Phishing?

Because there has been a rise of mobile phone messaging services such as WhatsApp and Facebook messenger, cybercriminals now have a new way to attack users!

SMS phishing or SMiShing works in the same way as email phishing – the victim is sent a fake offer or warning that appears to be from a legitimate company or organization. The message usually contains a malicious link that the victim is persuaded into clicking.

A SMiShing message is often short and to the point with the aim of shocking or scaring a user into clicking the link without thinking twice. A common method is when cybercriminals pretend to be from a bank, warning the victim that their account has been closed, disabled or compromised.

Because the fraudulent message is received via SMS or private message, it can be difficult to realise the message is fake. Why? Because these messages do not contain warning signs of a scam such as the senders email address. Without knowing the SMS is fraudulent, the victim will click on the link willingly and hand over their private information and/or passwords to the cyber attackers.

Here are some helpful tips on preventing SMiShing:

1. Do not click on unknown SMSs or private messages hat contain links!
2. Never reply or give out your personal information if you receive an SMS asking you to
3. If the SMS asks for a quick/urgent reply this is a sign of SMiShing
4. An SMS states “Congratulations, you have won”, etc. this is another sign of SMiShing
5. Should you receive an SMS from your bank, always call your banks customer service line first to double check that it is legitimate

Trust your instincts – if the SMS doesn’t seem right, do not click on it!

TCG Forensics offers a range of cellular and digital forensics services. Should you need the assistance of an expert forensic investigator please do not hesitate to give us a call on 021 110 0422 or email contact@tcgforensics.co.za