Did you know that there are 6.648 billion (83.72%) people worldwide who own a mobile phone and in Saudi Arabia alone, 97.5% of its society owns one? Also, did you know that the average time people spend on their phones is 3 hours and 43 minutes?
With most of the world connected to their mobile phones on a daily basis, this incited cyber criminals to level up their SMS phishing attacks.
It’s no wonder that the number of smishing attacks has increased in the last couple of years. In 2021, 74% of enterprises were targeted by smishing attacks, a 13% more increase than increase over 2020. Individuals receive an average of 13 text messages a day, and the probability of one of those messages being a smishing attack is high (Zipwhip’s The 2021 state of texting Report).
To avoid being a victim of this attack, awareness is key. Unfortunately, last year when people were quizzed about their awareness of smishing, only 23% of them answered correctly, a surprising 8% less than the year before.
So, how are these cyber criminals currently luring in their victims?
Current Smishing Trends:
1- Delivery service-related messages have always been the number one topic for SMS, email, and voice phishing attacks.
It’s only logical that as eCommerce grows, so does the number of online shoppers around the world. The number of online shoppers is estimated to be 2.14 billion in 2021. Over the last few years, the number of online shoppers has increased. As internet connectivity grows around the world and online purchasing becomes more convenient, this growth should come as no surprise.
Receiving a text message from a delivery service company will not be something a person would be suspicious of since they are waiting for their online order to be delivered especially when it is received during the holidays. But an attentive person would quickly notice the indictors of a fake text message. When receiving an SMS from a company, they will never use a personal phone number or have incorrect grammar or structure. So, be on the lookout for these signs.
*This is an example of a fake delivery message disguised as the Saudi Post (SPL). once the person clicks on the link and enters their card details, then you have been officially compromised.
2- Messages claiming to be from the bank.
When you receive an alarming message stating that a significant amount of money had been withdrawn from your account, then you would panic and interact with the message blindly. This has resulted in many instances where people have had malware installed on to their phone due to the text message it is containing a link to “resolve the problem”. The mistake of taking action without caution is the downfall of many.
With contactless payment methods being on the rise, there have been many incidents where people receive a message from “Apple” warning them that their Apple pay wallet has been deactivated and should click on the link to reactivate. With this convincing Apple Pay text scam, hackers are attempting to phish consumers of their personal information. Apple has warned of this scam and asks its users to always sign into their account to double-check if there really is a problem.
*An example of fake SMS text claiming to be from a Saudi Bank ( AlAhli NCB) First of all, no bank sends from a personal phone number. The link attached is a fake website that can steal your information or cause malware to be installed on your device.
3- Marketing-related messages claiming you’ve won a prize.
Have you ever received a text informing you that you’ve won a prize or a voucher to something you’ve never interacted with but urges you to quickly visit their website by clicking the link attached? If yes, then hopefully you haven’t clicked anything on the message. The first indicator that this is a scam is that you received a message from something you didn’t register for or a brand you didn’t interact with. This way is commonly used by cybercriminals so they can pull you in by claiming that you’ve won a chance for a free coupon and all you need to do is click on a link and enter your information. As soon as you click on the click your device and info has been compromised.
*As you can see here, a person was sent a text message full of spelling errors from private number claiming they have won a prize. This is a prime and clear example of Smishing.
4- Receiving text messages claiming to be from a government entity
Since the beginning of the COVD-19 outbreak, governments have been contacting their recipients via SMS to notify them of any urgent news or updates, since text messages are the fastest way to reach people. These messages usually contain a link redirecting to a phishing website urging people to fill out a form claiming to be a mandatory step for every citizen. Sadly, these messages are still being sent and many are falling into these traps due to them not examining the sender and the content of the message thoroughly.
Be careful before clicking anything!
Share this article:
Popular


The 6 Colors of Hacker Hats | Explained
When the word hacker or hacking is mentioned, a universal definition pops into mind. A hacker is known to be a cybercriminal who inflicts chaos on their victims by breaching, stealing, or damaging online systems and data. This is just one part of what the word hacking withholds. And contrary to popular belief, hacking is a broad and diversified category that is misunderstood. The dependency on storing data electronically, as computers have taken over a large part of our life, results in the increased risk of data theft and becoming suspectable to hacking accidents. So, learning more about the ...
5th Jun 2022

Identity Access Management (IAM) | What is it?
With Digital Transformation, remote work acceptance and e-services becoming ubiquitous, Businesses’ and organizations – of all sizes – main concern is to keep its Information Technology (IT) up and running around the clock. This requires its various ingredients such as database and servers to be secure. This means they are always on the lookout for ways to achieve the most efficient way to be safe and secure. Typically, organizations follow basic protocols and use passwords to control and protect their digital assets from unauthorized access, however, statistics reveal that globally %58 of CISOs agree that human error is the number ...
3rd Apr 2022

Insider Threats in Cyber Security
Organizations tend to only focus on setting cyber security measures for potential threats and intrusions made by external circumstances. Unfortunately, they undermine the possibilities of a trusted employee launching a cyber-attack against them. This negligence resulted in 34% of businesses being affected by an insider threat on a yearly basis. This cyber security risk does not only leave the organization vulnerable but is also viewed as an easy target for internal and external threats. Whoever has authorized access to sensitive data, either it being an employee or a partner (which sometimes referred to as Third-party risk), is considered trusted and ...
3rd Mar 2022

6 Advantages of utilizing SMS Marketing
Many businesses are constantly seeking ways to interact with and attract new customers. Their joint objective is to reach a wider audience. To do so, communication is key. There are many ways for businesses to communicate with their audience, either by email, social media, or adverts, but the most beneficial marketing method, that is often overlooked, is SMS (text messages). Currently, SMS is typically utilized for personal communication, but it has proved to be an important marketing method that helps boost businesses in today’s mobile-centered society. In 2021, up to 3.8 billion people own smartphones and 60% of them read ...
1st Feb 2022

Juice Jacking: The Threats of Public USB Charging Stations
A shared scenario between many is being in public with a dying mobile device, franticly looking for a charger. When coincidently you find a free charging station calling out your name. You find a solution, but have you ever thought about the risks of using these public charging stations? The accessibility of these public USB charging stations is convenient but connecting your device to one can put you in a vulnerable position. With just plugging in your smartphone or laptop, you’re potentially opening up an opportunity for a threat actor to steal data or install malware all without your knowledge. This is known as Juice Jacking. Unfortunately, many are unaware ...
2nd Jan 2022

Phishing Emails: Why do we Fall for them?
Have you ever received an email wondering if it is legitimate or not, but then decide to click on it because the advertisement or the urgent warning catches your eye? Well, many have been in that situation with some consequently becoming victims to a phishing trap. Around 96% of phishing attempts are deployed via email and 74% of organizations suffered from a successful phishing attack (Proofpoint state of the Phish report 2021). These numbers will continue to rise if we don’t educate ourselves on phishing emails. Over time, cybercriminals are becoming more sophisticated and are in constant search of new ways to seamlessly trick their victims. Sometimes, even the ...
12th Dec 2021

The Threats of Mobile Malware | Explored
With mobile phones becoming an integral part of our daily life and with many shifting from desktops to mobile devices as their main way of computing, cybercriminals are following along. Unfortunately, the threats posed by mobile malware are evolving and becoming more sophisticated than ever, making them one of the rising cyber threats at this time. Cybercriminals are in constant search of sensitive data, and when such data is detected on a device, they will try their best to gain access through the device’s security flaws. Unfortunately, many do not educate themselves about the risks of having unsecure mobile devices ...
2nd Nov 2021

What are the 4 Major Cyber-Threats Smart Cities face?
With the increasing number of people moving from rural to urban areas, Smart cities have become the main attraction for many. The concept of Smart cities began between 1960 and 1970, but countries started prioritizing this idea in 2010. Yokohama, Japan, was the first city to be designated as a smart city demonstrator in 2010, two years later, Barcelona introduced data-driven urban services, such as public transportation, waste management, and street lighting, Cities are becoming more technologically empowered, and in order to capture opportunities and generate long-term success, they must become smarter. Unfortunately, cities that take this step neglect an ...
3rd Oct 2021

Enterprise Messaging Gateway: What is it? And What are its Types?
With technology evolving day by day, new developments are being made to align with today’s fast-paced society and especially with remote work culture where we don’t meet people as often as we used to. Any business or organization must take this into consideration to keep up with the current trends. One of the notable evolvements that occurred is the means of communication. The way we communicate with one another changes as technology evolves. Calls, formerly, were the most common way for businesses to communicate with their customers, however, it has been revealed that 87% of the 97% of customers who reject calls from businesses, ...
1st Sep 2021

The 5 Major Cybersecurity Threats Against the Healthcare Industry in 2021
The healthcare industry is known for being one of the primary targets for cybercriminals, and by 2020 it was ranked as the seventh most attacked sector. Unfortunately, hospitals, clinics, and medical laboratories have experienced a rise in these attacks in the last two years. And with the recent pandemic, cybercriminals took advantage of this event and launched many of their destructive plans. These attacks are mainly motivated by financial gain. They either sell the stolen data or request ransom money from their victims to enable them back access to their data. For instance, at the end of 2020, a major ...
1st Aug 2021