It’s been around for a while but in this time of crisis, smishing is back in the spotlight. For those who may be new to smishing, it’s best explained as the well-known fraudulent phishing emails, but then using SMS. The sender ID for SMS messages can be changed so it looks like the SMS message comes from the bank, when in fact it comes from a person. A link to a fraudulent portal in the message does the same as the link in a phishing email, only via the mobile phone. Smishing also works when fraudsters send a phone number in the message. If the victim calls the number and issues privacy-sensitive information, data or money can easily be stolen.
In Smishing, UK Finance says, “a particular concern is the growing use of a technique called spoofing which can make a message appear in a chain of texts alongside previous genuine messages. These texts often claim to be from government departments, banks or other trusted organizations, offering payments related to the coronavirus outbreak or claiming to be issuing fines”
Caution: Banks will never send you a text message with a link to log in for online and mobile banking or ask you to reply with sensitive information. When in doubt, always contact your bank directly.
Mobile communication has become more important now than ever, with consumers unable to visit your office or store. That means companies need to prove their trustworthiness and protect their customers from fraudsters. Luckily, there are ways to ensure secure mobile communications between brand and consumer. We’re highlighting two mobile security solutions you can easily adopt in your mobile interactions.
Let them know it’s you with Google’s Verified SMS
Verified SMS is the new verification method from Google to validate your identity and increase customers' trust in your brand. SMS messages are often sent from a random number, which makes it hard for customers to know which numbers to trust. Ensure that your consumers always know it's you by getting your brand officially verified by Google. Each SMS (on Android) will be verified so recipients are ensured that the message is sent by the specific, trusted business.
Secure access to your online portals
Another way to limit risk threats, is by adding Two-factor Authentication (2FA). This means adding a level of authentication whenever granting access to secured online environments. Think of medical information for patients, company info for your employees, financial information for consumers, and order pages for consumers. By adding a second level of authentication on top of just a username and password, the chances of sensitive information falling into the wrong hands are limited. The user will also need to add, for example, a One Time Password to validate the user’s identity. A One Time Password is a string of characters or numbers automatically generated to be used for one single login attempt. One Time Passwords can be sent to the user’s phone via SMS or Voice.
The products mentioned in this article are just a grasp of our offering. Looking for ways to ensure safe mobile interaction with your customers? Reach out to us to learn more about our Access solutions, or get started with Verified SMS or One Time Passwords right away.