The Federal Bureau of Investigation (FBI) announced through the Internet Crime Complaint Center (IC3) a new phishing attack targeting mobile instant payments. Cyber criminals are imitating financial institutions by sending SMSishing messages to unsuspecting recipients. The SMSishing message appears to come from a legitimate financial institution imitating a real message request. These cyber criminals are hoping you click the link in the SMS message to inquire about the recent payment.
What are instant payments
Instant payments are payments that happen in near real time, almost in an instant. It’s a great way to transfer money quickly and at any time of day. You can use instant payments between yourself or with your customers and clients. Instant payments can be important in closing a sale or putting a down payment on a purchase.
How this works
Even if you do not use instant payments, you could fall victim to this cyber attack. This Is because the cyber criminal is hoping you contact them with a concern your real money has been stolen or been blocked for a purchase. Once you reach out to the cyber criminal, they will try to get your very real account information. Once they have this from you, they will initiate a money transfer and take money from your account.
What you can do
These attacks really focus on tricking the recipient into giving up financial information freely. Protecting yourself requires you to be savvy and to be aware of these types of cyber attacks. It is important to be methodical when receiving these types of messages. Do not panic or rush to a conclusion and ask yourself:
- Were you expecting a payment to process?
- Does your financial institution usually communicate in this way?
- Does this message seem odd?
These questions allow you to take a step back and examine the message you received. Once you step back, call your financial institution and confirm if the message was legit. It is recommended to call them directly and not by clicking any links in the message or calling any numbers from the message. This way you can help ensure you are calling the legitimate institution.
For more on cybersecurity for your small business check out Small Business, Big Threat!