Smishing, also known as SMS fraud, is experiencing a surge in many countries, driven by the widespread adoption of smartphones. This poses a significant challenge for telecom operators convening at the Mobile World Congress (MWC) in Barcelona, the industry’s premier annual event.
What is Smishing?
Smishing, a portmanteau of “SMS” and “phishing,” refers to a form of cyber attack conducted through mobile text messaging. Much like traditional phishing scams, smishing aims to deceive individuals and organizations into divulging sensitive personal or financial information. Cybercriminals send deceptive text messages, enticing recipients to share confidential data, click on malicious links, or download harmful software.
How harmful it is?
The prevalence of smishing has surged in recent years, particularly during the Covid-19 pandemic, as smartphone usage for administrative tasks and online transactions has skyrocketed. A study conducted across ten countries by the Mobile Ecosystem Forum (MEF) revealed that 39 percent of consumers encountered at least one SMS scam attempt in the past year. Janet Lin, head of development at Taiwanese cybersecurity firm PINTrust, emphasized the global severity of the issue during a panel discussion at the Mobile World Congress (MWC).
Countermeasures
Various countries have established reporting platforms where individuals can forward suspicious SMS messages, enabling authorities to block fraudulent numbers. Telecom operators have deployed teams dedicated to filtering out fraudulent SMS messages, leveraging reporting tools embedded in operating systems like Android and iOS, as well as messaging platforms like WhatsApp. However, combating smishing often becomes a challenging game of cat and mouse, with fraudsters constantly adapting their tactics and evading detection.
Fraudsters exploit disparities in regulatory frameworks across different regions, capitalizing on lax enforcement in some areas. While regulators in Europe, the United States, and China have tightened regulations, regions like Africa and Latin America face limited regulatory oversight, providing fertile ground for smishing attacks.
Prevention is Key
Experts stress the importance of prevention in combating smishing. Consumers are advised to exercise skepticism regarding messages from unknown sources and refrain from clicking on links embedded in text messages, regardless of how authentic they appear. Stuart Jones of US cybersecurity firm Proofpoint underscores the need for vigilance among users to thwart smishing attempts effectively.
