By now, most consumers are aware of quite a few of the methods that cyber criminals employ to gain access to their personal information. In one popular tactic, a criminal will send an email asking a consumer to verify their bank account information, credit card information and more. The most successful way to combat email phishing attempts is to not reply to the message or click on any links contained in it.
Criminals are now trying to do a similar thing with mobile devices. SMiShing (SMS phishing) is an attack aimed at getting the user to download malware on his or her mobile device. They accomplish this by sending an unsuspecting consumer a text messages with a link to a fake and fraudulent website or a phone number to call in order to validate personal and financial information.
The type of message varies, but the one thing that’s a constant is the sense of urgency the fraudulent message conveys. Consumers might receive a message from their financial institution that tells them their card will be cancelled if they don’t verify sensitive information. Or, it can be something simple like a free giveaway or discount on a specific product. Either way, these fraudsters want the unsuspecting consumer to click on the link and/or give away personal information.
While this isn’t a new type of phishing attack, it’s becoming increasingly popular for criminals. Criminals go where they can maximize their potential for stealing sensitive personal information. According to CMO Council, more than six billion cellphones exist in the world, almost two-thirds of adults utilize text messaging and over 90 percent of all text messages are opened within 15 minutes of being received. Organizations can easily see why this is becoming the latest ploy for fraudsters.
This type of attack is particularly troublesome because more and more people are utilizing their smartphones for all types of activity – bill paying, P2P payments, accessing financial accounts, online medical records and more. Furthermore, people are mixing their own personal devices with corporate networks and data. From a personal as well as a business standpoint, the potential for loss when a device is infected is high.
This is why it’s critical for your organization to employ a robust and multi-layered identity verification solution that deters fraudulent transactions. For more information about how IDology can help, contact us today.