igital risk can be defined as financial loss , disruption , or damage to the reputation of an individual or organisation as a result of digital attacks . The increase in digital attacks during the pandemic , especially on people possessing multiple devices , demonstrates a need for better mobile security .
One of the many types of digital attack that has skyrocketed since 2020 is SMS phishing ( smishing ) attacks . According to a recent report from Tessian , 56 % of people who participated in their survey said they received a scam via text message in the last 12 months . A third of people ( 32 %) who received one complied with the request — a higher percentage than those who clicked on a phishing email .
According to Tessian threat intelligence researcher Charles Brook , data breaches are " a significant contributor to the increase in phone and email phishing . Breaches from major social media sites contain aligned personal information like names , mobile phone numbers and email addresses for thousands of individuals ".
" There is a good chance that cybercriminals will be collating or joining up the information from various data breaches to create an information-rich dataset of potential targets in order to make their scams as convincing as possible ," he continues .
In SMS phishing , attackers trick their victims into installing malware or revealing account information by sending them a link to a fake website . This fake page mimics a legitimate website , with the exception that
“ Cybercriminals will be collating … data breaches to create an information-rich dataset of potential targets to make their scams as convincing as possible ”
CHARLES BROOK THREAT INTELLIGENCE SPECIALIST AT TESSIAN
the false one promises victims a chance to win prizes in exchange for their personal data . There are security measures put in place against phishing links on major websites such as Gmail . With text messages , however , the situation can be tricky .
" The thing is that using phone numbers instead of URLs helps cybercriminals ' messages bypass security measures or detection controls , as these are typically looking for URLs in messages as a core indicator of a scam ," Brook explained .
60 May 2022