According to a study conducted by the German university FAU in 2016, 45% of users will click on a link received by email or SMS, even when they do not know the source. terovesalainen / stock.adobe.com
"Your package has been delivered, please check "," You must pay €1.90 VAT for your package and avoid customs fees (€15) "," Your Facebook account has been compromised, please enter your login details". This text message may be familiar to you. Rest assured: you are not an isolated case.
Over the summer, a large number of users told Twitter that they had received these types of messages on their smartphones. “This phenomenon is not new, but it is developing, so... be careful not to get caught by clicking on scam links!
David Sygula, a security expert, has warned cyberspace for startup CybelAngel. Despite the doubts that it was legitimately influencing someone who received such a message, it was indeed "pure fraud," he assured.
What is smishing (SMS + phishing)
Like phishing done via email, smishing (SMS + phishing) is a fraudulent method carried out via smartphones. More precisely, fraudsters encourage recipients to communicate their personal data (passwords, etc.) or bank details by pretending to be an official body.
According to the French cybersecurity publisher, Sekoia IO, no less than 70,000 booby-trapped SMS were sent in mid-July 2022." But there is little doubt that this figure is actually much higher. All operators have fallen victim to it, and then cybercriminals have cost practically nothing. "explained the cyber threat specialist.
How to recognize and detect fraud and smishing cases?
Often we find it difficult to detect cyberattacks, but if a smartphone starts to paddle more than usual, "that's already a bad indicator". "Especially because many people don't have their latest anti-virus software," adds David Sygula.
However, there are ways to detect possible fraud. For example, the language used in text messages (errors, nonsensical sentences) can raise suspicion. "But there aren't always major spelling mistakes and language barriers for the simple and good reason that the kilometer law also works for hackers," he added.
In other words, cybercriminals don't have to be on the other side of the world to prepare for their scam. Otherwise, the user can look into the URL. If the address listed in the SMS does not refer to the official URL (the site in question) "it is already a warning and a bad signal," said David Sygula.
The most common smishing attacks are those using the most well-known brand names such as Netflix, Amazon or Colissimo. The goal of the scammer is to “spread a wide net and reach as many people as possible in the minimum amount of time”, say experts at CybelAngel.
And even if the click-through rate is low, the operation still proves lucrative for these scam aces. Because smishing is based on a sense of urgency. “You just have to wait for delivery for it to work. This is profitable from 0.001% for hackers ”explains the specialist. During 2020, 17% of requests for help on the relevant Cybermalveillance.gouv.fr.phishing platform. This case is threat No. 1 for individuals according to government reports published on the same platform.
Preventive measures against SMS fraud (smishing)
Obviously, it is advisable to adopt a cautious attitude so as not to fall into the traps set by cybercriminals. Going slower, adopting an attitude of vigilance and good checking reflexes like updating your anti-virus software regularly are all preventive measures that can enable us to avoid SMS scams, which are often very anxiety-provoking.
If there is a suspicion of smishing, any user can transfer the SMS in question to 33700 or report it via message on Internet-Signement.gouv. Because cases of message fraud (smishing) are handled very efficiently by the authorities.
Photo Source: Hancock Whitney Bank
){kind=link}
Post a Comment
Post a Comment