Dalechek Tech Talk

What is Smishing? Learn How To Protect Your Business

December 2, 2022, Written by 0 comment
Dalechek Tech Talk

SMS phishing (“smishing”) is a form of phishing in which an attacker uses SMS text messages to trick recipients into compromising sensitive information.

You may have received a random text message from unknown numbers in the past; while these may seem innocent, they are a successful way of social engineering.

Over the past two years, these attacks have risen by over 300%, as many people trust text messages more than emails. These attacks are also simple to set up; many VOIP platforms offer options that threat actors leverage to carry out these campaigns. Many of these attacks attempt to obtain personal information to be used in future attacks; other attacks try to capture verification numbers for multi-factor authentication.

General Smishing Guidelines

  1. Do not respond to text messages from unknown senders. Once you reply to a smishing attempt, the attacker knows they have a potential victim and will continue to target your number.
  2. Never send personal information via text message.
  3. Avoid clicking on links via text message.
  4. Report the smishing attack.

What is the best way to report a smishing attack?

Get the attacker’s accounts suspended and make things inconvenient for them to ruin their day.

  1. Use a carrier lookup tool (https://freecarrierlookup.com/) to identify the underlying telecom provider and their contact email.
  2. Email the telecom provider, including the reason for reporting the SMS, the scammer’s phone number, and the date and time of the unwanted SMS.
  3. The telecom provider may be a wholesale provider (like Bandwidth) and may need to contact their customer to investigate. Once the investigation is completed, the providers are obligated to act. Many times, entire accounts are disconnected and suspended.

Another option, if you do not have access to email, is to forward the smishing SMS to 7726.

On an iPhone:

  1. Touch and hold down the message; once the menu pops up, select “More.”
  2. Select the blue forward arrow in the bottom right
  3. Enter 7726 in the To field and hit send
  4. You will receive a text from 7726 asking for the address/number of the smishing text message
  5. Respond with the number you received the smishing text from, and you’ll receive a “thank you” message as confirmation

On an Android device:

  1. Touch and hold down the message; once the menu pops up, select “Forward Message.”
  2. Enter 7726 in the To field and hit send
  3. You will receive a text from 7726 asking for the address/number of the smishing text message
  4. Respond with the number you received the smishing text from, and you’ll receive a “thank you” message as confirmation

Lastly, visit their Complaint Assistant page to report fraudulent text messages to the Federal Trade Commission (FTC). Click “Report Now” and select “Phone, internet, TV service,” then “Cellular or landline phone service,” then click the Continue button. It will take you through a quick questionnaire about the message, which number sent it, and so on.

According to IMB, phishing is the second most expensive cause of data breaches costing US businesses on average 4.9 million per incident.

Let our experienced team of IT Security experts help you protect your company.

YES, I'm Ready To Protect My Company

IS YOUR MICROSOFT LICENSING SET TO RENEW?

Schedule a free 1-hour business consult to discuss your licensing needs.
Talk To A Dalechek Licensing Expert Today!
Get Started Today!
close-link