While technology makes our lives a lot easier, it also has its dark side, as criminals and scammers don’t hesitate to use it to exploit users. In this sense it is normal to read news of “phishing”, “vishing” or “smishing”. Next, we explain what “smishing” is to know how to protect yourself.
“Smishing” is a scam technique using SMS or mobile text messages, which tries to obtain personal information from the user in order to make a fraudulent use. This is a similar technique to “phishing”, with the difference that “phishing” uses e-mail instead of SMS.
In this type of scam, cybercriminals send a text message posing as someone else, usually posing as a bank or a verification service such as WhatsApp. Through deception, the victim shares personal passwords or details of their credit or debit cards with them.
Although the main goal is usually the theft of information, sometimes they also simply try to “infect” the device or even sell products that do not exist. This type of “smishing” is usually done by sending a message with a really tempting offer or with the warning that a prize has been received.
These messages are generally accompanied by a link which, when clicked, directs the user to a fraudulent web page which mimics the original and which is designed to steal the user’s bank details or which contains some type of “malware” which mislead the user and have them install a malicious application that collects and sends information on the terminal to third parties.
In other cases, the fraudulent SMS may contain a phone number and an indication that the user must make a call to get the reward. These phones have special rates, so they will be a big expense for the user.
Although this type of scam has gained popularity in recent times, due to attacks related to WhatsApp, it is actually a rather old technique, since the first news about this type of attack is in 2008.
How to protect yourself from “smishing”?
To protect yourself from these types of attacks it is important not to trust SMS whose senders are unknown. Also watch out for misspelled messages or those that are poorly translated from English. Nor should you rely on promotions from companies you’ve never shopped from.
On the other hand, users must never provide confidential or personal information via SMS or click on links contained in the SMS.
To avoid this type of attack, the sender should always be verified. Many times a quick Google search on the sender number is enough to get information.
In case you find information that suggests it could be a scam, you need to mark the number as Spam, so they can’t contact you again.