Smishing is a malicious text from a messaging service which is a mash-up of SMS and phishing (Smishing). A smishing threat is a form of phishing that utilizes your mobile device as an attack vector. Often the initiation is in the form of a text message disguised as a communication from a bank or other potentially trusted brand than encourages a click-through to a phishing site where credentials are targeted.
As mobile devices become more prevalent for work communication, smishing threats will likely increase, as will their sophistication. These attacks are initiated in the form of a text message disguised as a communication from a trusted brand such as banks, retail, payment services, or even a trusted person. Frequently uses a disguised link, people tend to respond to text messages much quicker and with less thought than email, and their screens can hide important clues about the web pages they visit, making SMiShing a very effective, and thus dangerous, attack vector.
People also trust a message from their messaging app on their phone then email, because it’s hard to imagine a hacker has their phone number. According to Gartner, 98% of people read text messages and 45% are of people responded, as opposed to only 6% of people respond to emails.
Further complicating matters is that phishing protections on iOS and Android devices is almost non-existent, putting users and organization at increased risk of SMiShing attacks. With SlashNext, however, malicious SMS/text messages are accurately identified and quarantined, protecting users from taking the bait. Our native iOS and Android apps provide heavyweight mobile protection yet feature lightweight memory consumption and negligible battery usage.
Example: Screenshots of SMishing attacks.
SlashNext Blog | SMishing
Today, while man-in-the-middle (MiTM) attacks are still a big concern, the security endpoint has changed to the browser, creating a MiTB phishing threat that poses real danger.
It’s Time to Get Started with SlashNext
Learn how to leverage the industry’s best zero-hour phishing protection and IR solutions in your environment.