Blog Details

image

What Should You Know About SMS Phishing?

What is Phishing
Phishing allows an attacker to use compelling text messages to trick a targeted recipient into clicking a link, sending the attacker's personal information, or downloading a malicious program to a smartphone. It is a kind of phishing.
Most of the 3.5 billion smartphones in the world can receive text messages from any number in the world. In Singapore, at least 469 people who reportedly fell victim to phishing scams involving the bank in December 2021.Many users are already aware of the dangers of clicking a link in an email message but only a Few people are aware of the dangers of clicking a link in a text message.
Phishing is often an advantage for attackers phishing credentials, banking information, and personal information because users rely much more on text messages.



How SMS Phishing Works
Most SMS phishing attacks act like email phishing. The attacker either sends a message that prompts the user to click the link, or requests a response that contains the personal information of the target user.
The information the attacker needs can be anything like the following:

  • Access data for your online account.
  • Personal information that can be used to steal personal information.
  • Financial data that can be used for sales in the dark web market and online fraud.




Smishers use a variety of methods to trick users into sending personal information. Basic information about the target from public online website (such as name and address) to trick the target that the message came from a trusted source. The Smisher can contact you directly using your name and location. These details make the message more compelling. The message will display a link pointing to the server controlled by the attacker. This link can lead to credential phishing sites or malware designed to endanger the phone itself. The malware could be used to eavesdrop on a user's smartphone data or secretly send sensitive data to an attacker-controlled server.

How to Protect Yourself from SMS Phishing Attacks
Similar to email phishing, protection against SMS phishing depends on the target user's ability to detect SMS phishing attacks and ignore or report messages. If phone numbers are frequently used in fraud, Telekom can alert users who receive messages from known fraudulent numbers or delete messages altogether.

The phishing message is dangerous if the target user responds by clicking on the link or sending the attacker's private data.



Here are tips on how to detect phishing and avoid becoming a victim:
  • Messages provide quick money by winning prizes or collecting cash after entering information. Coupon code offers are also popular.
  • Financial institutions do not send login credentials or SMS requesting remittances. Do not send credit card number, ATM PIN, or banking information by text message.
  • Do not answer phone numbers that you do not recognize.
  • Messages received from a few digits may have come from an email address that is a sign of spam.
  • Bank data stored on smartphones can be targeted by attackers. Do not store this information on your mobile device. This banking data could be compromised if an attacker installs malware on a smartphone.


Sms phishing involve banks and it might happen to your company too. If your business need alternative to SMS authentication to keep your data and users secure, you are in the right place! We have better 2FA authentication option for you. For more information, please contact us at 6259 5962 or drop us an email at info@achievement.com.sg.

Drop Your Enquries Here!