Smishing attacks have expanded by over 700% in the first two quarters of 2021.
According to the latest smishing statistics, there were 376,032,773 spam texts sent per day in April 2022.
In 2021, 74% of enterprises were targeted by smishing attacks, a 13% more increase than increase over 2020.
Victims have lost many millions of dollars to smishing attacks.
Less than 35% of people know when they’re becoming the target smishing attacks.
What is Smishing?
Smishing is a variation on phishing, in which perpetrators use text messages to dupe targets into giving up valuable information. Because people tend to trust text messages more than emails, this vulnerability is what perpetrators exploit in this new scheme. While smishing has been around for some time now (the first known instance was in 2007), it’s only recently received attention from cybersecurity professionals as more companies are experiencing these attacks on a regular basis. If your company is susceptible to smishing attacks, then it’s important to get the right help to protect yourself and your employees. Please refer to Managed IT Services Lafayette for more information.
Is your business protected from smishing attacks?
So, how do you know if your business is protected from smishing attacks? If you are using a security solution that can detect phishing emails and block them, then the chances of being targeted by a smishing attack are reduced.
If you are using an outbound SMTP gateway or server in order to send emails on behalf of your company, then this will reduce any risk of messages being intercepted by hackers who could use them as bait for smishing attacks.
The best way to protect yourself against both phishing and smishing attacks is to follow these three steps:
- Train Your Staff – Make sure all employees know how to identify different types of phishing emails so they can report any suspicious activity immediately;
- Install Anti-Phishing Software – Make sure all users have anti-phraining software installed on their devices which will prevent them from opening malicious links sent via email;
- Never Click On Links In Emails – Instead type the web address directly into a browser window (if possible), or call someone listed within an email message directly
You should know that smishing attacks can happen to any company, regardless of size or industry. Most commonly, the attacker will try to convince you that your bank account has been compromised by sending a text message saying so. Once you receive this text, it’s important to delete it and block the number from which it was sent. If you receive a similar message from someone else claiming that your bank account has been compromised, report it to your bank immediately.
- Educate employees on cybersecurity best practices. Educate your employees on the dangers of phishing scams, how to spot them, and what they should do if they receive one.
- Be selective with who you provide your business phone number to. Do not provide the personal contact information of employees either online or over the phone unless it is absolutely necessary for that person to have it in order for them to do their job effectively. Also ensure that all staff members are aware of this policy and explain why such caution is necessary when providing such information out of context.
- Download an app that blocks spam messages and calls on company devices (such as Google’s “Call Blocker” or Microsoft’s “Spam Call Notification App”). For more tips and tricks on blocking smishing attacks, please contact IT Support.
Post courtesy: Bridget Juelich, Sales & Marketing Manager at CommTech.