Salesforce

Unwanted Texts (SMS) Messages

Printable View
« Go Back

Information

 
TitleUnwanted Texts (SMS) Messages
Resolution Description

What is "Smishing"?

Many organizations, products, and services offer text message alerts to keep you up to date as a consumer/customer. Cybercriminals are aware of these alerts and they're taking advantage of unsuspecting individuals. Text messages are sent from bad actors with dangerous links, prompting you to respond with personal information by posing as your bank, an online account, or other service - even including impersonation of an important individual reaching out to you with an urgent need. These text message based attacks are called Smishing - which comes from "Short-Message Service (SMS)". 

 

How it works...

A few examples of what you might see in a smishing attack: 

  1. "Use this Link..."
    • Scammers pose as a familiar company or service and send shocking alerts such as "Your account has been locked due to multiple failed logins." This is typically accompanied by a link to supposedly resolve the issue. 
    • Smishing links can contain malware that instantly installs if you made the mistake of clicking. This malware can contain keystroke-logging software or permit access to your applications and files - making it easy to steal your identity or hold your files for ransom.
  2. "Call this Phone Number..."
    • Smishing attacks may often impersonate someone you are familiar with in order to persuade you to call a number for an urgent need. A scammer will be ready to take your call and persuade you into providing personal information.

 

What can you do?

  • Remember that government agencies, banks, or any other legitimate business will never request sensitive information over a text message.
  • Take your time. Much like email phishing, texting scammers will often use social engineering tactics like impersonation or creating a false sense of urgency in their message.
  • Never click on any links, call any phone numbers, or reply to text messages that were unexpected. Contact the individual or organization directly (outside of the received text message) in order to verify the legitimacy of the text message received.
  • Security awareness training is available to all Butler staff, faculty, and students - use this to your advantage in order to gain the knowledge and tools to recognize threats in real time.

 

What to do if the smishing attack was sent to a Butler (RingCentral) extension

How to Block Numbers in RingCentral

 

Related Articles

What type of cyber threats should I be aware of?

Proofpoint ZenGuide Security Awareness Training

URL NameUnwanted-Texts-SMS-Messages
Powered by