Part 2, Hikvision Senior Director of Cybersecurity on Examples of Smishing Hacks, Tips to Prevent Becoming a Victim of this Cyberattack
In yesterday’s blog, Hikvision’s Davis discussed an increase in smishing—a phishing hack that uses text messages to target vulnerable parties. Today’s blog will cover examples of smishing and five tips to help you avoid becoming a victim of this cyberattack.
A Refresher: What is Smishing?
Smishing combines the term SMS (text messaging) and the word phishing, a type of phishing that uses SMS and similar types of text messaging. Despite the name, smishing does not have to be delivered as an SMS text message. Smishing attackers will use any form of text or chat messaging that they can, such as Facebook Messenger, WhatsApp, GroupMe, Discord, Slack, or any other text-based mobile application or service.
Examples of Smishing
A smishing message may look like an alert from a courier service, a notification from a well-known bank or company, or even an announcement about the recipient winning a prize. As mobile numbers are tied to so many online accounts, sometimes the attacker will know the name of the target and include that in the message to add credibility. Below are some smishing examples to help you better understand and identify these types of attacks.
How-to Geek shared a package delivery smishing scam that could become very costly for a victim who is not paying close attention to the fine print. This attack starts with an SMS text message, informing the recipient that they have a FedEx package that needs the recipient’s delivery preference.
When the recipient clicks on the link, they are taken to a fake Amazon website where the recipient is informed that if they fill out a short survey, they will be given a change to receive a “Thank You” gift that is worth at least $100. As you can see in the image below, the web page looks and feels very much like the Amazon website.
After completing the survey and accepting the gift, How-To Geek states, “The real scam resides in the fine print. By agreeing to pay the small shipping fee, you’re also signing up for a 14-day trial to the company that sells the scammy products. After the trial period, you will be billed $98.95 every month and sent a new supply of whatever item you claimed as a reward.”
Scams are not the only style of smishing. Just like traditional phishing, many smishing attacks are trying to trick the recipient into sharing sensitive information or login credentials.
As you can see in the image below, there are three smishing examples. A fake bank security text, a free data offer that is using the target’s name, and a social engineering attack in Facebook messenger.
And, when you click or tap on the smishing link, you may be directed to a page that looks almost exactly like the valid website. You can see in the image below, there is little difference between the fake page and real page.
Five Tips to Identify and Protect Against Smishing
While it is more difficult to identify some smishing attacks versus a phishing email, there are some things that you can do. Below are five tips from Hikvision to identify and protect against smishing:
For more Hikvision insights to avoid hacks and reduce vulnerabilities, visit this link online.
Subscribe to newsletter
Subscribe to our email newsletter to get the latest, trending content from Hikvision
Hikvision.com uses strictly necessary cookies and related technologies to enable the website to function. With your consent, we would also like to use cookies to observe and analyse traffic levels and other metrics / show you targeted advertising / show you advertising on the basis of your location / tailor our website's content. For more information on cookie practices please refer to our cookie policy.
Core Technologies
Discountinued Products
Product Selector
Accessory Selector
HiTools Designer
Hikvision License Activation
Hikvision App Store
