Cyber crime has surged in Northern Ireland since the start of the COVID-19 pandemic, with smishing attempts in particular increasing dramatically. Fraudsters are constantly adapting their techniques and it is vital to stay vigilant to these increasingly sophisticated attempts.
What is smishing?
‘Smishing’ is SMS phishing, a social engineering attack targeting victims on their mobile phones. A fraudulent text is sent to someone’s mobile phone, asking them to click a link, call a number or otherwise act in a way that will lead to scammers obtaining personal or financial information.
Cyber criminals will exploit any situation, often preying on people’s emotions (using words like ‘warning!’, ‘act now!’ or ‘good news!’) and using fear or urgency, to manipulate people to act in a way that suits their scam.
Had a text recently from a delivery company or even the NHS? Think twice.
Scammers can target users by inserting fraudulent texts into legitimate message threads between a company and its customers. Locally operating banks and well-known delivery companies were hit hard by this tactic in 2020, which exploits a user’s trust by impersonating a company they have previously received legitimate messages from.
Even without sharing any personal or financial information, just clicking on a fraudulent link in one of these texts can install malware on the person’s phone designed to enable fraudsters to gain control over the device and compromise sensitive information.
Police are aware of a new phishing text message scam circulating telling people that they are ‘eligible’ for the Covid 19 vaccination. The scam message reads “we have identified that you are eligible to apply for your vaccine” and links to a convincing, but fake, NHS page which then asks for bank details.
If you receive a text or email that asks you to click on a link or for you to provide information, such as your name, credit card or bank details, it's likely to be a scam. Scams can come in many forms and this one is just the latest attempt by fraudsters to exploit the pandemic for financial gain.
Protect yourself by following this advice:
- Do not open attachments or click on links in emails or texts from numbers you don’t know.
- Never give out your personal information, banking details or passwords in response to an email, text or phone call without verifying that the caller is who they say they are.
- Block any numbers you find suspicious.
- Always go to a website directly, by typing out the address yourself, when logging into an account. Do not click on links.
- Keep an eye out for spelling mistakes in messages and emails.
How can you help others?
Help your family to stay safe and secure from smishing attacks. Ensure you educate those around you, especially those who could be considered vulnerable to the threat, such as the young and the elderly.
Visit NI Cyber Security Centre for more advice and information.
You can find advice on how to secure your mobile devices and learn about other common cyber threats.
