Phishing Threats

Phishing attempts are on the rise, and it is important to familiarize yourself with the different attempts in effort to protect private and sensitive information.

Phishing
Phishing is the practice of sending fraudulent communications that appear to come from a legitimate and reputable source, usually through email and text messaging. The attacker's goal is to steal money, gain access to sensitive data and login information, or to install malware on the victim's device. 
Smishing
Smishing is a cyber-attack that targets individuals through SMS (Short Message Service) or text messages. In a smishing attack, cybercriminals send deceptive text messages to lure victims into sharing personal or financial information, clicking on malicious links, or downloading harmful software or applications.
Vishing
Vishing, short for voice phishing, refers to fraudulent phone calls or voice messages designed to trick victims into providing sensitive information, like login credentials, credit card numbers, or bank details. These details can then be exploited for criminal activities such as fraud, identity theft, or financial theft.

How Does a Smishing Attack Work? 

• You receive a text message, possibly from a spoofed number that makes it seem as though it's coming from a legitimate business or individual, perhaps even one you're familiar with, such as your bank .
• The message describes an urgent issue with one of your accounts, asking you to verify information to resolve it.
• You respond either by clicking on a link, calling a phone number provided, or handing over credentials to clear up the error.
• You could be directed to a phony website or call center that seems legitimate and be prompted to provide sensitive information or download some type of malware.
• If you download the malware, you've granted the attacker access to your device. Any personal information you provide can be used to steal your identity and login to your accounts.

The information cybercriminals are after in smishing attacks includes:

• Social Security numbers
• Credit or debit card numbers
• Home Addresses, specifically zip codes, which allows use of your card if they already have the number.
• Login information
• Device and network information

How To Prevent Smishing

Smishing prevention for individuals includes:

• Be cautious of unknown texts using grammatically incorrect language
• Avoid clicking on links within text messages
• Do not respond to texts appearing to be from a financial institution asking you to update your account information or provide personal information
• If you get a message that looks to be from a bank or a company with whom you do business with, call the business directly from the phone number found on their website, not the phone number provided in the text
• Never click a link or call the phone number provided in a message if you're unsure whom it's from