UK banks have issued warnings over the rising number of Coronavirus smishing scams. They’re a type of phishing attack designed to take advantage of us all being less vigilant than normal. Here’s all the latest – and how to keep your small business protected from the threat of smishing…
‘Smishing’ is a form of phishing attack, where a text message pretends to be from a recognised source – known as ‘spoofing’. Smishing attacks are surprisingly effective at getting users to hand over personal data. That’s why cybercriminals are using this tactic during the pandemic, when messages from well-known organisations are being sent regularly.
Most of these fraudulent text messages include links to a fake website to gather financial or personal information – think: bank details, passwords and credit card credentials.
There’s been a rise in smishing attacks impersonating government departments, banks, health centres and charities during the pandemic. A recent investigation found that thousands of new smishing attacks are being launched every day to try to cash in on our need for urgent information about the outbreak. More than 16,000 suspicious domain names were recently registered related to Coronavirus for potential use in scams.
A recent phishing scam saw cybercriminals pretending to be from the Government, offering tax refunds to help people cope. That particular scam has also been sent via text message. The Government has assured businesses that they’re as committed to tackling cybercrime as ever. The NCSC has issued guidance on how to stay secure during the pandemic – something we blogged about earlier this month.
Never click a link in a text message, no matter the source. Spoofing tactics have got more sophisticated. Text messages might appear in a chain of actual texts from your bank, for instance. What’s actually happening is that fraudsters have used simple software to disguise their message amongst official, legitimate ones.
If you’re not sure if you need to act based on a text message you’ve received, call the number on the back of your bank card, or search for the contact information of the organisation to get in touch with them directly, ideally using another device.
Follow the advice of the Take Five to Stop Fraud campaign and take a moment to think before parting with any money or personal information. And, if you suspect you’ve received a smishing text, you can report it to your network provider by forwarding it to 7726.
Be extra vigilant at the moment about hoaxes and other forms of fraud. Instagram banned Coronavirus image filters that claimed to ‘diagnose’ your condition, and phishing emails and ads pretending to be from the World Health Organisation were also recently taken down. Victims were urged to open a document with supposed information on how to stay safe. NHS workers are also increasingly under threat from phishing and smishing attacks attempting to gain access to their work IDs and NHS systems.
Smishing and phishing attacks are having a profound effect on individuals, but they can also devastate businesses. A form of data breach, they could undermine customer and supplier confidence in your business at an already uncertain time, as well as having direct financial implications. You may have already been the victim of a phishing scam – cybercriminals are posting details all the time on the Dark Web for sale.
We’ll help you find out if you’ve already been affected by conducting a Dark Web search for your business’ data, plus help keep you secured from future attacks. Contact us to find out more – we’re here for you.