Mobile smishing attacks are on the rise

Published: December 21, 2010 by ofonseca

Mobile devices are important tools to efficiently manage a business and to quickly meet the needs of a customer.  Think about the hit in productivity you’d take if you lost your smart phone or PDA.  Several weeks ago I wrote about the importance of implementing a wireless data policy to protect employee account data from being used to defraud a company.  However, a recent warning issued by the FBI’s Internet Crime Complain Center points to another danger associated with mobile devices.

Cybercriminals have been increasing their attacks on mobile devices through SMS text messages and fraudulent voice messages.  These tactics are very similar to traditional email phishing scams and ask the recipient to respond to verify an address, credit card number or other form of PII.  For example, through a process called smishing, a mobile subscriber receives a text message stating, “ABC credit card is confirming your purchase” and asks the user to visit a URL or call a phone number to verify a credit card number.

Obviously these attacks have serious implications for employees on a personal and professional level.  The financial impact to a company could be huge if an employee innocently provided a corporate bank account number as a response to a fraudulent SMS text message.

Fortunately, there are several steps employees can take to prevent the chance of becoming a victim. For example, you can advise employees not to respond to text messages or automated voice messages from unknown or blocked numbers.

Advise your employees about these potential dangers before any damages are done.