SMS is a great way to interact with your customers, but scammers have also found some malicious uses. SMS phishing, also known as “smishing”, is on the rise, and consumers need to know how to spot it and how to use SMS to their advantage. In this blog we want to cover how you can protect yourself from SMS fraud as well as how SMS can be an ally in your fight against fraud.
How to Spot “Smishing”
Like the traditional form of phishing that uses email, smishing uses malicious links or activity in response to a text message in order to gain consumer information. The first big giveaway is that you do not recognize the number. Whether they are trying to impersonate a delivery notification from Amazon or a banking alert, if the number looks fishy, it probably is. The second giveaway is what they are asking you to do. They may send you a link, ask you to respond, or send you a question to answer. Do not respond unless you know the sender and have given them consent to message you in the first place. It’s better to be safe than sorry!
Don’t Share Important Information Via Text
There are simply too many risks when you send sensitive information in text messages. The recipient could misuse the information, someone with access to their device could also misuse it, or the device can even be hacked or stolen, exposing your information. If this information gets into the hands of a hacker, your information could be distributed or sold online via the dark web or on message boards. So instead of taking a picture of your credit cards (or other documents) or texting account numbers what can you do?
There are plenty of apps out there for secure messaging. Apps like KeeperChat, Telegram and Confide are advertised as safe alternatives because of their encryption and the multiple methods required to verify a users identity. While this is certainly better than just texting someone your credit card number, there is always the possibility of data breaches that can expose even the most seemingly secure systems (case in point: Equifax).
Use Payment Apps Instead of Texting Payment Information
People sometimes need to borrow money or split the bill at a restaurant. Apps like Venmo PayPal, Zelle, Apple Pay and Google Pay have all developed ways to do this, and with a lot of success. If someone needs to borrow money from you (like your wife needing to pay for a tow truck) using one of these apps is the most secure way to send them money because you set the amount and can always dispute charges that may be fraudulent. Texting someone your credit card info so that they can make a purchase is a big no-no.
How Texting Can Boost Your Security
Texting isn't all bad, in fact there are powerful ways it can help you beat fraude. Two-factor authentication adds security by adding another element besides username and password, since these two aren’t impossible for criminals to guess, hack or steal. Impostors might have one or both of these, but they rarely will also have access to your cell phone as well.
It’s also easy to set up. A text message service like Trumpia can provide authentication for your company which can be easily integrated with Trumpia’s API. This will be appreciated by your IT department and support teams, especially when they find out that no apps or extra hardware is needed.
It’s also always ‘on.’ The SMS platform and authentication process is automated, so you don’t need customer service or IT people working around the clock sending out texts and verifying customer information sent via two-factor. Even better, it can be accessed no matter where you are in the world, making it perfect for travel security as well.
Why You Should Enable Two-Factor Authentication
You need two-factor simply because your customers will appreciate it. With so many companies being embarrassed by large breaches, customers are increasingly cautious where and how they do business online, whether it’s sharing personal info or paying for products online. In addition to worrying about someone fraudulently accessing customer info, you also should be concerned about your site’s vulnerabilities especially if all it takes to get through is a password and username. If someone gains access to these areas, they can not only view or take restricted info but change your security settings, blocking normal users or allow in other unauthorized users.
It also reduces phishing risk. The ‘human factor’ is also what causes employees to click on fake sites or emails thinking they’re legitimate. This can introduce malware into your system, or worse, ransomware, which can encrypt your network until you pay the hackers off. A strong security policy and employee education can help reduce these risks, along with two-factor authentication.
New to SMS marketing? That's okay! Click on the link below for a free SMS marketing guide of how your business can get started on SMS Marketing today!