Smishing: How to protect enterprises from SMS fraud

Spam and phishing have expanded over time to incorporate new ways to attack users. Smishing is text message phishing, and many times, these malicious texts don't actually originate as SMS messages, but rather as emails sent through an email server to an SMS gateway. Assuming an SMS message, or even a telephone call, originated from where the message or call says it did could be risky, since caller ID can be spoofed, and emails sent through SMS gateways may not accurately report the email sender . Sprint recently issued a fraud alert about scammers trying to obtain personal information through smishes in order to perpetuate banking fraud.

The most effective protection measure against SMS fraud may be security awareness education for your smartphone...

users. It's important that users know not to trust every SMS message -- particularly those from institutions that hold their personal information, such as banks. Users should verify and call the official phone number of an organization or independently verify the website in question if they do receive an urgent SMS message meant to protect them from fraud.

There are also new security tools available, such as SmrtGuard from Smartphone Solutions Inc. or AhnLab Inc.'s Mobile Security products, that can be installed on smartphones to protect against malicious SMS messages, and traditional antimalware companies are expanding their smartphone protection by including antispam for text messages or adding encryption technology to their core antimalware products.