What are Phishing, Vishing, and SMSishing
Here at Security Bytes we often talk about new scams and alerts. Many of which involve phishing, vishing, or SMSishing, but what do these term actually mean? In short, they are forms of social engineering attacks commonly used to gain access to a business account or business data.
What is Phishing?
KnowBe4 explains phishing as “the process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity using bulk email which tries to evade spam filters.”
What is Vishing?
According to Norton, vishing is “a phone scam designed to get you to share personal information.”
What is SMSishing?
CSOOnline.com states that SMSishing is a “cyberattack that uses misleading text messages to deceive victims. The goal is to trick you into believing that a message has arrived from a trusted person or organization, and then convincing you to take action that gives the attacker exploitable information (like bank account login credentials, for example) or access to your mobile device.”
How to protect against Phishing, Vishing, and SMSishing
Here are a few important questions you can ask yourself if you suspect someone is phishing, vishing, or smsishing your small business:
- Do you know the sender, caller, or texter?
- Are they urging you to open an attachment, to click a link, or to give them personal or business information?
- Did the email, call, or text come outside of expected business hours?
If you answer yes to any of these, try and verify the sender, caller, or texter is legitimate.