Smishing Scams

A smishing attack was recently used by cybercriminals to obtain credit card information so they could then purchase cryptocurrency and then exchanged that for cash. Smishing attacks are a type of scam that cybercriminals use to steal information and involves sending text messages.

In the latest scam, cybercriminals sent out text messages to people claiming to be a bank. They try to trick these people into giving them their bank login information by saying there is a security issue, and they need them to login into their bank to resolve it. This text message includes a link and once clicked, the victims are directed to a bank look alike page that prompts them to login. If they login and give their bank information on the spoofed page, cybercriminals are able to steal their username and passwords and use it for their own gain.

Tips:

• Never enter bank information from a link you clicked on in a message, email, social post, or direct message. Always use a safe browser and go to your bank website yourself.
• Cybercriminals can use any company in their smishing attacks, not just banks. Be wary of any text message you may get with a link.
• Always think before you click or tap on a link! 

Learn more tips like this and train your employees with our Security Awareness Training Program.