Need Help?
To create a new support ticket please email supportdesk@calnet.ie.
There is no doubt that the COVID-19 pandemic opened up a whole new world of opportunities for cybercriminals. People were distracted, they were spending more time on their devices, and ordering items online became an even more common occurrence.
Many people fell victim to scam messages that appeared to be from a well-known delivery company, stating that their package had been delayed and they needed to confirm their details to authorise its release. This type of cyberattack is known as ‘smishing’, or ‘SMS phishing’.
In a smishing attack, cybercriminals attempt to trick the recipient into clicking a link in a text message. The intention is usually to gain access to the victim’s bank account, but they may also be trying to steal personal information such as passwords and email addresses.
Attackers use manipulative social engineering tactics to appeal to people’s emotions, and the messages often carry a sense of urgency that prompts them to reply or click on a link.
Gavin Kelly, CEO of Retail Ireland at Bank of Ireland, reported that there has been a huge spike in smishing attacks since the beginning of the pandemic. He attributed this to fraudsters “recognising an opportunity to target consumers as we spent more time using phones and computers”.
In 2021, Bank of Ireland reported a 184% increase in the number of customers being targeted by cybercriminals. Edel McDermott, Head of Fraud at BOI, warned of the potential financial impact, “with fraudsters attempting to defraud close to five times more money than in the same period in 2020”.
It can be difficult to distinguish between a scam and a legitimate text message since attackers are always finding new ways to prey on people’s hopes and fears.
Some examples include messages like: “Congratulations, you’ve won a million dollars! Click here to claim your prize!” or “Your DHL order is out for delivery. Click here to track its progress”.
Another common form of smishing is a text message from your bank, telling you that there’s been a suspicious login attempt on another device, or your account has been suspended.
If you’re not aware of smishing attacks like this, you might do exactly what the attacker wants you to do: panic and click the link in an attempt to resolve the matter.
Smishing attacks usually fall into one of the following categories:
If you click the link provided in any of these messages, you’ll usually be prompted to enter personal details such as your bank account number, PIN, email address or password. These details are then instantly shared with the attacker and can be used to blackmail you, spy on you, steal money from your account, steal your identity, or any number of other fraudulent purposes.
In June 2021, the head of the Garda National Economic Crime Bureau reported that thousands of euros had been stolen in a series of smishing attacks. Over just three days, there were more than one hundred attacks, with the stolen sums of money ranging from €2,500 to €19,500.
The financial repercussions of a successful smishing attack can be severe, and unfortunately, there is no guarantee that the money will be reimbursed.
After approximately €800,000 was stolen from Bank of Ireland customers in a spate of smishing attacks, the bank initially told those affected that they were liable for the losses because they had voluntarily clicked the link and supplied their account details.
Amid public pressure, the bank changed its stance and promised to reimburse those affected by the scam. However, they warned that reimbursements were not guaranteed in the future.
In order to safeguard your business against smishing attacks, ensure that you and your employees are aware of the warning signs.
If you receive a message with a request of any kind, take a moment to analyse it before responding. Remember, any credible financial institution will never ask you to divulge your PIN or account number via text message.
If you receive a message that is malicious in nature, delete it immediately. As long as you don’t click on a link or reply with your details, the message itself will not cause any harm. If you are in any doubt as to the legitimacy of the message, err on the side of caution and check with the supposed sender directly. If they didn’t send it, delete it.
If you want to avoid your business becoming another cybercrime statistic in 2022, consider partnering with a professional Managed Services Provider like Calnet IT.
Our cybersecurity services include:
A firewall is essential in protecting your company’s entire network against cyberattacks. Our managed FWaaS provides a flexible and affordable way to maintain best-in-class firewall protection for your business, as well as ongoing maintenance and regular upgrades.
To stand the best chance of identifying and responding appropriately to a cyberattack, everyone in your organisation should receive cybersecurity awareness training. Our comprehensive training includes simulated attacks and in-depth reporting to reduce the risk of your business falling victim to a genuine cyberattack.
We provide tailor-made infrastructure support services, giving you the peace of mind that your network is being continuously monitored and managed by a team of experts.
Contact Calnet IT today to find out how our proactive, affordable and reliable services can help safeguard your business against cyberattacks in 2022 and beyond.
It’s no secret that the global events of the past few years have altered the world of business for good. Employees are no longer willing to be tethered to their office desks; the hybrid workforce requires more flexible and agile working solutions that allow them to...
How Azure Virtual Desktop Security is Facilitating Secure Remote Working Practices As businesses across the globe have adapted to a remote working model, the need for more robust security measures has naturally increased. Disparate co-workers are naturally more...
Understanding Your Virtualisation Options: Azure Virtual Desktop vs Remote Desktop vs Virtual Machines The digital workforce now views flexibility as a necessity. The ability to work from anywhere underpins our current business environment. While several IT solutions...
%