Smishing attacks(Smishers) are rampant in India causing the Indian government” to warn the general public and business owners. Smishing is a social engineering attack that uses fake mobile text messages to trick people into downloading malware, sharing sensitive information, or sending money to cybercriminals. The term “smishing” is a combination of “SMS”—or “short message service,” the technology behind text messages—and “phishing.”
IBM described the causes for this surge being “the increase of bring-your-own-device (BYOD) and remote work arrangements have also led to more people using their mobile devices at work, making it easier for cybercriminals to access company networks through employees’ cell phones.”
People rely on website advertisements less each passing day, however, the victims of these hackers also called ‘smishers’ have a high likelihood of clicking on SMS links and texts. Klaviyo reports that SMS click-through rates hover between 8.9 percent and 14.5 percent. By comparison, emails have an average click rate of only 1.33 percent, according to Constant Contact.
There are several templates used in these fraudulent SMS like pretending to be a financial institution, a government body, customer support, a shipper, or a boss/colleague. They can also pretend to text the wrong number or offer free apps. The messages can be received in the following format, “Dear SBI User, Your SBI Account Will Be Blocked Today. Please Update Your PAN Card Immediately. Click Here."
In March of this year, news sources in India revealed over 40 bank customers of a private bank lost lakhs within three days after clicking on a dubious link, in early August a woman in Gurugram lost Rs. 1 lakh in this bank SMS scam.
The woman received a similar message from her bank which caused her worry. Business Standard reported, “As soon as the panic-stricken woman clicked on the link, it took her to a webpage, where she followed the instructions asking her to feed in her details. After following the process, she entered the OTP which she received on her phone to complete the PAN and mobile link process. However, within minutes, Rs 40,000 was deducted from her account.” Despite registering a police complaint, the woman never got her money back.
Protect yourself from Smishers :
The government has advised mobile phone users to be wary of any text messages that they receive that are:
- Urgent or threatening
- Requesting personal information
- Sent from an unfamiliar number
- Do not click on any links in text messages that you receive from unfamiliar numbers
If you receive a text message that you think may be a Smishing scam, do not reply to it or click on any links in the message. Instead, contact the company or agency that the message claims to be from directly to verify its authenticity.
You can also report Smishing scams to the government's Cybercrime Reporting Portal.
According to government data, more than nine lakh incidents of phishing and vishing have been reported in the last two years. Customers have collectively lost nearly Rs 1,500 crore due to such incidents between April 1, 2020, and March 31, 2022.
Bank users need to know that legitimate banks, government bodies, and other institutions never ask for encryption-related information or any private info to log in through unsolicited text messages or even phone calls for that matter. OTPs are never to be shared with anyone whatsoever.
In case you become a victim of these smishing attacks, call your bank to block your account, dial 1930 which is govt. helpline to report online financial fraud and report any cybercrime at cybercrime.gov.in.
Reliance on mobile phones grows, and smishing has emerged as a significant threat, requiring individuals to stay vigilant and informed. Be careful!
Please, also have a look into : A devotee with only Rs 17 in the bank offers Rs 100 crore cheque to Andhra Temple