Smishing
While phishing emails are still common, hackers have now shifted to text message attacks called “smishing.” Smishing is often more successful because text messages don’t get blocked by spam filters, allowing attackers to reach victims directly. These messages try to trick you into visiting fake websites, approving access to apps or services, giving away your personal or financial details, or even downloading harmful software like ransomware.
Tips to identify and avoid smishing attacks:
Read each incoming text carefully to identify smishing: Most smishing attempts come from a number not in your contact list (unrecognized numbers). They usually start with a message to take action to respond to:
A missed or delayed package (from Amazon, Canada Post or FedEx etc.)
A financial refund requiring attention (such as a CRA refund or Interac transfer)
A note asking for approval to access an application (such as a second authentication)
Ignore, block, and delete (IBD) smishing messages: When you receive smishing texts the best steps you can take are to:
Ignore the message – Never click on any links, call back any number or approve access
Block the sender – Utilize the blocking feature on your phone to block the sender
Delete the text – To avoid accidentally clicking on it, delete the message from your device
Reminder: It Starts with You! Be sure to participate in the quizzes and phishing simulations that will be taking place throughout the month. Not only will these activities serve as a healthy refresher for cyber security awareness – there are also many fabulous prizes to be won!
If you have any questions, please contact UHN Digital Security at DigitalSecurity@uhn.ca.