If we showed you 20 emails and texts, 10 being real and 10 being scam emails, how many fake ones do you think you’ll be able to spot? Well TSB did exactly that and found out that only 18% of people spotted all 10 fake emails. You might think ‘Well 9 out of 10 isn’t that bad’ but all it takes is for one email to work to compromise that account or multiple accounts if you use the same password for them. And if it works on your work email you could potentially be compromising sensitive documents and customer details. Granted, the email scams are slightly easier to spot if you know what you’re looking for (Address, spelling mistakes, indirect threats) but the smishing world can be a lot harder to spot.
Smishing scams where fraudsters copy a bank or other legitimate company’s phone number to appear alongside real messages, are designed to capture people’s details whether that be banking credentials all the way up to passport information harvested by fake webpages that these texts link you to leaving your money in these criminals hands.
As mentioned before, spotting smishing texts can be harder than spotting phishing emails as all the information you get is a text and the number it came from. For phishing emails; always check the address the email came from, even if the display name appears to be from a legitimate source. Also keep an eye out for spelling and grammar mistakes as an email from a legit source is unlikely to contain any.
But although at first glance they can be harder to spot, there are some tell-tale signs to look out for:
Links in text messages. Most banks don’t use them, so never click on a link in a message claiming to be from your bank. When it comes to messages from other senders, be very careful, and double-check the message is legitimate by finding the company’s official webpage and logging in that way or contact its customer services.
Typos. Phishing texts and emails are often riddled with typos. Many either miss words out or misspell them, or use the wrong punctuation.
Phone numbers. Be very careful never to ring a number given to you in a suspicious email. Double-check it’s correct by looking on a bank or other company’s official website.
Urgency. Scammers always try to rush you, so fraudulent messages usually tell you that you need to take urgent action, either to stop a loss or to claim money. Genuine companies don’t rush you. Slow down, and don’t rush into making a mistake.
Cyber Wise has a variety of training courses tailored to your company that teaches your employees how to spot phishing emails and smishing texts among other important aspects of business security. Contact us now to arrange your risk-free trial.