How To

April 7, 2020

How to Protect Your Cell Phone From Smishing!

Posted by Deborah Frazier in "How To" Articles

Smishing and How to Protect Your Cell Phone

What is a Smishing Email?

A smishing email is a general term for a text that requests for you to click on a link, respond, or provide personal/corporate information.  The results of a successful smishing attack could mean compromised pin number, credit card information, passwords, social security number, and other private details that could lead to stolen identity.

What Types of Viruses Are Phones Vulnerable Too?

Interestingly, the types of viruses infested on phones are similar to the ones you see on computers.  For instance, your phone can be compromised adware, malware, ransomware, spyware, or Trojan horses.

How Do You Avoid Becoming a Smishing Victim?

There are many ways you can arm yourself against smishing attacks.  They include awareness, research, and avoidance.

1.  Watch Out for Questionable Text

smishing exampleClearly, this text example is an attempt to scam Trump supporters.  Subsequently, smishing texts often claim to already have an existing relationship with you. Remember, if you are not sure don’t click or respond.

The second clue is an immediate call for action.  Smishing texts will use emotional manipulation to try to get you to click or respond immediately.  In this example, they are clearly aiming to use a scare tactic by using the word “FAILED” in caps.

In addition, smishing texts will often use banking information to solicit feedback.  In some cases, they can even provide part or all of your account numbers.  Make sure it is legitimate before clicking.

2.  Google the Phone Numbersmishing example 2

When in doubt research the phone number.  In this particular example, it was a car insurance company.  Obviously, this is not the Republican party as suggested in the text above.

3.  Be Wary of Location Awareness

Cybercriminals are smart! They can use the VPN app on your phone to reveal your location. Subsequently, they know that a local text is more personal and will often yield a response from their victims.  For example, they can make it appear that you are receiving an offer from a local pizza parlor.

4.  DON’T CLICK or Respond

Watch out for emails from unknown sources that ask you to click on something or respond.  Both of these activities will download a virus on your device.

You should also beware of unsolicited emails from known senders with short subject descriptions or just a link.  For example, that person in your church or networking group that you hardly know will likely not send you a text with just a link out of the blue.

How Do You Know if You Are Already Infected?

Your phone could already be infected without your knowledge.  Here are some simple clues to find out if you are infected.  Is your:

  • Phone crashing a lot?
  • Is the battery draining much faster?
  • Phone showing new apps you didn’t download?
  • Device showing an unexplained sizable increase in data usage?
  • Phone company billing you for questionable text charges?
  • Does the device receive pop-up adds?
  • Phone overheating often?

How to Clean Up a Virus on Your Phone

To clean up a virus on your phone the first thing you need to do is clear the history and data.  This should help with any type of pop-ups.  Secondly, power off and restart your phone.  Thirdly, restore from an earlier backup if the first two steps didn’t work.  Last, restore as a new device as a last alternative.

Be Proactive About Smishing

The most important thing you could do to avoid a smishing scam is to download antivirus software on your phone.  Many users believe their cell phones are immune to security threats, but that is not true.

If You Think You Have A Smishing Text – Let Us Know

This post is part of the INSI Awareness Campaign that is designed to keep our clients protected and informed.  In addition, you can click here to learn more about our security offerings.

Most importantly, if you are concerned about smishing texts, please do not hesitate to contact our helpdesk at 770-387-2424 before opening it.  Our engineers are more than happy to check it out and make sure it is safe.  After all, we are here to serve you!

 

January 22, 2020

How To Protect Your Company Data From Phishing!

Posted by Deborah Frazier in "How To" Articles

What is Phishing Email?

A phishing email is a general term for an email that requests you to click a link, open a document, or provide personal/corporate information.  The results of a successful phishing attack could mean stolen identities or credit card information, compromised passwords, malware infection (including ransomware), and various other problems.

How Do You Avoid Becoming a Phishing Victim?

INSI offers many useful tools to help protect your company from phishing, such as spam filters, antivirus software, firewalls, and data backups.  All of these tools are critical in the defense against phishing.  However, these resources alone cannot prevent all attempts from reaching users.  Ultimately, everyone must be educated and vigilant!

What to Look for in an Email?

Your end-users must be trained and tested on how to identify phishing emails.  Following are the most common clues:

Unclear Heading:

  • Make sure you know the sender.  Also, ensure that the sender’s name matches their email address.
  • Be wary when the subject is not clear.  Usually, phishing emails are known to have oddities in the subject lines.
  • Check to see who the greeting is directed toward.  A generic greeting is a sign of phishing.

Unusual Requests:

  • One of the single biggest red flags is if the email insists on urgent action.  Cyber-criminals know that panicked users will be more likely to click on a dangerous link.
  • Never click on a link that claims it will redirect you to the company website as these links can actually send you to a fake website and trick you into giving your username and password.

Inconsistent/Suspicious Content:

  • Most professional companies will review their emails so that they will not often contain spelling or grammatical mistakes.  Take another look if you see many simple errors.
  • If you know the sender, ask yourself if the language used sounds like the person you know.  Look for a writing style inconsistent with how that person usually communicates.
  • Ensure all attachments are clearly named.  Many phishing emails use obscure or generic names to pique curiosity and encourage the recipient to open the attachment.

Now Let’s Take a Look at Some Real Examples!

Phishing Example

Don’t Be Afraid to Ask the Sender!

When I am unsure if it is a phishing email, I call the person directly and ask them if they sent it to me.  Sometimes I reply to the email with the same question.  I have found people do not get offended and they are more than happy to answer this simple question.

INSI Security Package

INSI’s Security Package includes a phishing email to all your employees.  We track who clicks on the email to determine who needs additional training on cybersecurity.  This package also includes a security audit, network security vulnerability assessment, semi-annual security check, biannual penetration test, quarterly security checks, staff training, antivirus monitoring, web content filtering, web protection, spam protection, and 24X7X365 monitoring and response.

We have multiple other managed security options available to meet all your needs.

When In Doubt – Let Us Know

This post is part of the INSI Awareness Campaign that is designed to keep our clients protected and informed.  If you are concerned about a phishing email, please do not hesitate to contact our helpdesk at 770-387-2424 before opening it.  Our engineers are more than happy to check it out and make sure it is safe.  After all, we are here to serve you!

 

By: Brandon Schultz & Deborah Frazier

© INSI IT. All Rights Reserved