Problem solve Get help with specific problems with your technologies, process and projects.

Smishing: How to protect enterprises from SMS fraud

Learn more about protecting enterprises from smishing, or SMS fraud, in this expert response from Nick Lewis.

Can you describe how smishing (text message phishing) works and how enterprises can protect their smartphones from this threat?
Spam and phishing have expanded over time to incorporate new ways to attack users. Smishing is text message phishing, and many times, these malicious texts don't actually originate as SMS messages, but rather as emails sent through an email server to an SMS gateway. Assuming an SMS message, or even a telephone call, originated from where the message or call says it did could be risky, since caller ID can be spoofed, and emails sent through SMS gateways may not accurately report the email sender . Sprint recently issued a fraud alert about scammers trying to obtain personal information through smishes in order to perpetuate banking fraud.

The most effective protection measure against SMS fraud may be security awareness education for your smartphone...

users. It's important that users know not to trust every SMS message -- particularly those from institutions that hold their personal information, such as banks. Users should verify and call the official phone number of an organization or independently verify the website in question if they do receive an urgent SMS message meant to protect them from fraud.

There are also new security tools available, such as SmrtGuard from Smartphone Solutions Inc. or AhnLab Inc.'s Mobile Security products, that can be installed on smartphones to protect against malicious SMS messages, and traditional antimalware companies are expanding their smartphone protection by including antispam for text messages or adding encryption technology to their core antimalware products.

This was last published in October 2010

Dig Deeper on Emerging cyberattacks and threats

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.