Phishing shows no sign of slowing down anytime soon and will only continue to evolve in sophistication and effectiveness. It is currently one of the most popular modes of delivery for malware infections whether to steal sensitive information or gain a foothold into the network of an organization. An organization that has fallen victim to a successful phishing attack will often sustain huge financial losses, in addition to the loss of customer’s trust and reputational damage.
Although there has been an increase in awareness surrounding SMiShing scams, the threat posed by SMiShing scams cannot be ignored because the majority of us still depend on SMS and other similar mobile applications to communicate with one another. A survey has shown that in 2019, 60% of SMS users received spam messages once a week, and 28% almost every day.
What makes SMiShing scarier is that many of us tend to trust SMS messages more than email messages. The way SMiShing works is similar to that of phishing, wherein an attacker pretends to be from your bank and asks for your details or encourages you to click/visit a link to get an offer, reward, or a discount. This action will enable the threat actor to obtain your sensitive data or initiate a malware download process in the background.
The year 2019 has seen a sharp rise in phishing activities, where nearly 71% of phishing attacks were financially motivated, as reported by security experts. Nearly 29% of breaches involved the use of stolen credentials, and nearly 33% of breaches used social engineering. As opposed to the general assumption that large organizations are frequently targeted by phishing attacks, nearly 43% of breaches involve small-scale businesses and industries.