Top tips for protecting yourself against rising SMS phishing tactics

Without totally neglecting technology and going off-grid to live like a hermit, being subject to some form of phishing or smishing attack is now unavoidable.

Its prevalence has continued to grow. A report released towards the end of 2021 showed that 73% of the UK’s companies suffered data breaches that stemmed from phishing* within the past year – a quite startling statistic.

What started with basic cold calling methods have developed as the importance of email has grown. The fact we operate within a digital world means opportunist scammers and criminals are constantly developing new and innovative methods to extract our key, all while holding the upper hand against those fighting against it. No sooner has one tactic been dealt with has another cropped up.

SMS phishing – or rather smishing – is one of those newer approaches individuals and businesses need to be wary of. During the first six months of 2021, smishing reports grew by 700%, compared to the second half of 2020.

The fact is, no matter the size of the name or brand, nobody is safe, as was highlighted by the attack that Royal Mail endured in March 2021.

We will go into that in more detail in this article, while we will also review the steps that anyone can take to better protect themselves from SMS phishing attacks moving forward.

Royal Mail case study: the simple, yet convincing, text that scammed millions
Due to the COVID-19 pandemic, online orders have boomed. The latest data from Statista shows that there were approximately 4.2 billion parcels sent in the UK during 2021 – 1.5 billion more than what was sent two years earlier in 2019.

And because of that, scammers decided to chance their arm with a simple redelivery approach that utilised an 18-word text and one link to a spoof, yet convincing, website that asked duped customers to hand over their credit and debit card details to finalise their order.

As a result, people saw their bank accounts emptied.

This is a high profile example. Delivery businesses have been high profile targets for these types of scams for years now, but they are not the only target. In fact, the latest data shows that 81% of organisations around the world have experienced an increased amount of phishing attacks since March 2020, coinciding with the start of the COVID-19 pandemic.

Why were so many caught out by this? The first reason is that smishing is relatively new and unheard of compared to email. The second reason is that very few people have internet protection on their mobile phones, leaving the devices that occupy our lives the most exposed to attacks.

SMS threats will continue to, rise for a simple reason… because it is easy to do.
There are well-known and published lists of number ranges that a hacker can go through. There’s no protection against that, or from someone just guessing a phone number.

Mobile Networks have number ranges and, from there, a hacker can just make their way up the list. It’s an easy tactic and doesn’t take a lot of effort, especially when the message being pumped out has the potential to resonate with anyone, like the Royal Mail example.

%d bloggers like this: