Take a look at the following screenshot. You might have received a similar SMS which seemed to be genuine. In fact, after a bit of analysis, we realize it is not genuine. It is an example of SMS phishing.
The links in the SMS may install malware on the user’s device or direct them to a malicious website, or direct them to call a number set up to trick them into divulging personal and financial information, such as passwords, account IDs or credit card details. This technique is used a lot in cybercrimes, as it is far easier to trick someone into clicking a malicious link in the e-mail than trying to break through a mobile’s defenses. However, some phishing SMS are poorly written and clearly appear to be fake.
SMS Phishing is successful because it plays with the fear and anxiety of the users. Irrational SMS instills fear in the mind of the users. Most of the scenarios have to do with the fear of losing money, like someone has purchased something using your credit cards.
Other instances include, the fear when an SMS accuses you of doing something illegal that you haven’t done. Or an SMS regarding the possibility of harming your family members. of your family, etc.
Now let us see a few examples to understand the cases where SMS Phishing mostly happens.
Generally, scammers use email to SMS to spoof their real identity. If you google it, you may find many legitimate resources. You just google search: email to SMS providers.
The other classical scam is financial fraud which will ask you for PIN, username, password, credit card details, etc.
Spelling and bad grammar. Cyber criminals generally make grammar and spelling mistakes because often they use a dictionary to translate in a specific language. If you notice mistakes in an SMS, it might be a scam.
SMS phishing attempt to create a false sense of urgency.
Cybercriminals often use threats that your security has been compromised. The above example proves it well. In the following case, the subject says you have won a gift.
In this case, an SMS asks you to reply so that they can verify that your number is valid. This can increase the number of SMS spams in your number.
Spoofing popular websites or companies. Scam artists use the name of big organizations that appear to be connected to legitimate websites but actually it takes you to phony scam sites or legitimate-looking pop-up windows.
In order to protect ourselves from SMS phishing some rules have to be kept in mind.
Financial companies never ask for personal or financial information, like username, password, PIN, or credit or debit card numbers via text message.
Smishing scams attempt to create a false sense of urgency by requesting an immediate response. Keep calm and analyze the SMS.
Don’t open links in unsolicited text messages.
Don’t call a telephone number listed in an unsolicited text message. You should contact any bank, government, agency, or company identified in the text message using the information listed in your records or in official webpages.
Don’t respond to smishing messages, even to ask the sender to stop contacting you.
Use caution when providing your mobile number or other information in response to pop-up advertisements and “free trial” offers.
Verify the identity of the sender and take the time to ask yourself why the sender is asking for your information.
Be cautious of text messages from unknown senders, as well as unusual text messages from senders you do know, and keep your security software and applications up to date.
Bluetooth is a similar radio-wave technology, but it is mainly designed to communicate over short distances, less than about 10m or 30ft. Typically, you might use it to download photos from a digital camera to a PC, to hook up a wireless mouse to a laptop, to link a hands-free headset to your cellphone so you can talk and drive safely at the same time, and so on.
To obtain this connection, devices exchange each other’s PIN, but in general as a technology it is not secure. It is a good practice to repair the devices after a period of time.