{"id":8225,"date":"2021-01-22T12:00:00","date_gmt":"2021-01-22T10:00:00","guid":{"rendered":"https:\/\/blog.eset.ee\/et\/2021\/01\/22\/smishing-what-it-is-and-why-we-fall-for-these-scams-so-easily\/"},"modified":"2021-01-22T12:00:00","modified_gmt":"2021-01-22T10:00:00","slug":"smishing-what-it-is-and-why-we-fall-for-these-scams-so-easily","status":"publish","type":"post","link":"https:\/\/blog.eset.ee\/et\/en\/2021\/01\/22\/smishing-what-it-is-and-why-we-fall-for-these-scams-so-easily\/","title":{"rendered":"Smishing: What it is and why we fall for these scams so easily"},"content":{"rendered":"<p>Have you ever received a text message from a delivery company that you are familiar with and never for a moment questioned it? Why would you? We now order so much online and all those delivery notifications can often merge into one. Even if you weren\u2019t expecting anything, they can often be so believable that when a link is included you may even feel compelled to click on it and find out more.<\/p>\n<h2>How smishing works<\/h2>\n<p>I recently noticed there may be a rise in SMS phishing (also known as smishing) from supposed delivery companies. 
The other day, my mother-in-law sent me a panic message:<\/p>\n<p>\n<a  href=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-1.jpg\" data-rel=\"lightbox-gallery-0\" data-rl_title=\"\" data-rl_caption=\"\" data-magnific_type=\"gallery\" title=\"\"><img loading=\"lazy\" decoding=\"async\" alt=\"\" height=\"373\" src=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-1.jpg\" width=\"600\"><\/a><\/p>\n<p>I asked for a screenshot of the message to see what she was dealing with.<\/p>\n<p>\n<a  href=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-2.jpg\" data-rel=\"lightbox-gallery-0\" data-rl_title=\"\" data-rl_caption=\"\" data-magnific_type=\"gallery\" title=\"\"><img loading=\"lazy\" decoding=\"async\" alt=\"\" height=\"423\" src=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-2.jpg\" width=\"600\"><\/a><\/p>\n<p>Clearly this was a smishing text designed to entice victims into clicking on the link and then lure them into parting with their cash somewhere along the line. But why am I starting to see so many now? Just before Christmas I noticed my social media timelines were becoming filled with angry people who were receiving increasing numbers of these messages and some were falling for them far too easily.<\/p>\n<p>There\u2019s one thing in particular that fraudsters are good at \u2013 manipulation. Also, they constantly reform their craft, adopting new techniques in order to tempt people to do what they would otherwise \u201chopefully\u201d think twice about. Many of us have become accustomed to classic phishing emails, and more and more people <a href=\"https:\/\/www.welivesecurity.com\/2015\/01\/08\/phish-allergy-recognizing-phishing-messages\/\">share best practices and awareness advice<\/a>.<\/p>\n<p>However, smishing messages don\u2019t always get the same amount of publicity, which may play into the hands of the criminals behind them. 
SMS messages don\u2019t have a sender address that you can visually verify quickly (though this alone is no guarantee of any message being authentic) and some can even cleverly attach themselves to previous chat threads within legitimate correspondence on your phone and so may, at first glance, <a href=\"https:\/\/www.welivesecurity.com\/2015\/05\/04\/david-harley-evolution-scams-social-engineering\/\">look genuine even to security professionals<\/a>.<\/p>\n<p>Before I cover the advice on what you should do if you receive one of these messages, I wanted to share with you some research of my own into a few such messages to see what I could discover. I think it\u2019s important to know how the messages are constructed and understand the psychology behind them. After all, these campaigns must be working, otherwise they wouldn\u2019t continue to flood our inboxes.<\/p>\n<p>I decided to see what was behind the links, so I used a separate machine on a separate network designed to withstand any potential malicious sites I might have to enter. The link was a shortened URL that took me here:<\/p>\n<p>\n<a  href=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-3.png\" data-rel=\"lightbox-gallery-0\" data-rl_title=\"\" data-rl_caption=\"\" data-magnific_type=\"gallery\" title=\"\"><img loading=\"lazy\" decoding=\"async\" alt=\"\" height=\"56\" src=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-3.png\" width=\"600\"><\/a><\/p>\n<p>The URL makes no attempt to resemble that of any well-known delivery company, but it contains words similar to what you might expect. I first thought that the subdirectory of the link sent might have been unique to my mother-in-law, but I generated multiple other subdirectories and couldn\u2019t find any other that worked. This helped me learn that in this instance, the criminals weren\u2019t keeping track of which numbers had clicked and which hadn\u2019t. 
This can happen in some cases where victims get placed on \u201csuckers\u2019 lists\u201d.<\/p>\n<p>The first page asked me to schedule a delivery with the fee shown. I tried to visit this page using my virtual private network (VPN), as if from different countries, but found it to only work from the UK \u2013 a sign this phish was not that sophisticated. However, my favourite part is that, if you look closely, the fraudsters used the company name \u201cIPS\u201d rather than UPS but had taken the time to copy the logo. Why not just use the correct logo? It\u2019s not like copyright is likely to be a worry on their agenda.<\/p>\n<p>\n<a  href=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-4.png\" data-rel=\"lightbox-gallery-0\" data-rl_title=\"\" data-rl_caption=\"\" data-magnific_type=\"gallery\" title=\"\"><img loading=\"lazy\" decoding=\"async\" alt=\"\" height=\"361\" src=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-4.png\" width=\"600\"><\/a><\/p>\n<p>After clicking through the prompts, I arrived at a page suggesting that the \u201cpackage\u201d would arrive in 24-48 hours\u2019 time. I gave it half a point for being clever enough that whenever I clicked on the \u201cschedule delivery now\u201d link, the dates that followed were accurate.<\/p>\n<p>\n<a  href=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-5.png\" data-rel=\"lightbox-gallery-0\" data-rl_title=\"\" data-rl_caption=\"\" data-magnific_type=\"gallery\" title=\"\"><img loading=\"lazy\" decoding=\"async\" alt=\"\" height=\"388\" src=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-5.png\" width=\"600\"><\/a><\/p>\n<p>However, when I clicked on \u201cEnter Shipping Information\u201d I was directed to another site altogether and it took me to an iPhone special offer, which seemed strange \u2013 for only \u00a31, I could purchase a phone! It went on to request personal details, including credit card details and CVV numbers. 
What seems odd to me is that if the con artists are able to entice people to this stage, why change tack and offer a heavily discounted mobile phone instead of focusing on the more plausible \u201cdelivery\u201d?<\/p>\n<h2>Another example of smishing<\/h2>\n<p>I was also recently forwarded another smishing message that I was more \u201cimpressed\u201d with. This time it was a link to a fake Royal Mail site. Although the URL is not even attempting to look similar, the website did have a more genuine, authentic feel than the previous \u201cIPS\u201d company site.<\/p>\n<p>\n<a  href=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-7.png\" data-rel=\"lightbox-gallery-0\" data-rl_title=\"\" data-rl_caption=\"\" data-magnific_type=\"gallery\" title=\"\"><img loading=\"lazy\" decoding=\"async\" alt=\"\" height=\"68\" src=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-7.png\" width=\"600\"><\/a><\/p>\n<p>As you can see, the fake Royal Mail front page I was taken to looks like what you would expect:<\/p>\n<p>\n<a  href=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-8.png\" data-rel=\"lightbox-gallery-0\" data-rl_title=\"\" data-rl_caption=\"\" data-magnific_type=\"gallery\" title=\"\"><img loading=\"lazy\" decoding=\"async\" alt=\"\" height=\"331\" src=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-8.png\" width=\"600\"><\/a><\/p>\n<p>After clicking on the \u201cschedule new delivery\u201d link, I was asked to input my personal information, such as my name, address, DOB, bank details and, of course, my mother\u2019s maiden name. 
(Why would Royal Mail ever require this?)<\/p>\n<p>\n<a  href=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-9.png\" data-rel=\"lightbox-gallery-0\" data-rl_title=\"\" data-rl_caption=\"\" data-magnific_type=\"gallery\" title=\"\"><img loading=\"lazy\" decoding=\"async\" alt=\"\" height=\"419\" src=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-9.png\" width=\"600\"><\/a><\/p>\n<p>I was then able to continue to payment details. After all these details had been filled out, there was a small fee (\u00a32.95) shown to have the parcel \u201cdelivered\u201d, at which point I was required to fill in some credit card details. I attempted to fill this out with multiple lines of phoney data but there were checks in place; for example, the credit card number had to be a 16-digit number. However, I noticed that I had been taken to another website, which was, in fact, a genuine website that had been hacked and used for this scam. I made the site admins aware and now the site is down.<\/p>\n<p>\n<a  href=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-11.png\" data-rel=\"lightbox-gallery-0\" data-rl_title=\"\" data-rl_caption=\"\" data-magnific_type=\"gallery\" title=\"\"><img loading=\"lazy\" decoding=\"async\" alt=\"\" height=\"518\" src=\"https:\/\/web-assets.esetstatic.com\/wls\/2021\/01\/Figure-11.png\" width=\"600\"><\/a><\/p>\n<p>After some research, I found a victim who had recently <a href=\"https:\/\/www.bbc.co.uk\/news\/business-55318305\">told the BBC<\/a> about how he had received an email like this purporting to be from the delivery firm DPD. He was asked to pay \u00a32 for a re-delivery and, unfortunately, he entered his bank details, as in the requests seen in the screenshots above. When he checked his account balance two days later, he discovered a new purchase from Apple UK for \u00a3409 that he had not authorized. 
Although the man&#8217;s bank refunded the full amount lost to this scam, not everyone is so lucky.<\/p>\n<h2>How to protect yourself against smishing<\/h2>\n<p>As these messages increase in frequency and creativity, just remember to think twice about any message that comes in asking you to act quickly \u2013 whether it be to scare you or because it is a great deal. Messages that <a href=\"https:\/\/www.welivesecurity.com\/2018\/10\/19\/scams-and-flaws-why-we-get-duped\/\">affect your emotions<\/a> are manipulating you without your subconscious knowing it. This is the clever psychology being used to make you use your quick brain before your slow, reasoning brain sets in and takes over, questioning such communications.<\/p>\n<p>Furthermore, we need to get the advice and awareness out to those who may be more susceptible to such cons: those, like my mother-in-law, who are far too often highly trusting and prone to fall for fraudulent schemes. As a WLS reader, you are probably a seasoned pro at spotting a fake message, but those who are less fortunate to possess this skill are the ones we need to help and support. 
REMEMBER: Don&#8217;t be too quick to click!<\/p>\n<p class=\"wls-source\"><a href=\"https:\/\/www.welivesecurity.com\/2021\/01\/22\/why-do-we-fall-sms-phishing-scams-so-easily\/\" rel=\"nofollow noopener\" target=\"_blank\">Read the full analysis on WeLiveSecurity \u2192<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Here\u2019s how to spot scams where criminals use deceptive text messages to hook and reel in their marks<\/p>\n","protected":false},"author":5,"featured_media":8226,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[147],"tags":[],"class_list":["post-8225","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybercrime"],"acf":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/8225","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/comments?post=8225"}],"version-history":[{"count":0,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/8225\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media\/8226"}],"wp:attachment":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media?parent=8225"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/categories?post=8225"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/tags?post=8225"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}