National KE-CIRT/CC Cybersecurity Best Practice Guide of The Week

 

SMISHING(SMS PHISHING)

 

In This Issue:

   SMiShing

 

 

 

 

 

 

 

 

 

 

 

 

 

SMiShing is a security scam which tricks the user into downloading malicious software through SMS with the aim of collecting sensitive personal information from the victim. The scam is perpetuated by sending the victim an SMS which asks him/her to download a legitimate-looking program which is actually a malicious software or follow a link that pretends to be a legitimate service provider asking for sensitive customer details. While some might recognize this as a scam, many unsuspecting users would not.

 

TIPS ON PREVENTING SMISHING ATTACKS

You should also exercise precaution when using your phone by doing the following:

  • Don’t click on any SMS links you receive on your phone unless you know the person they’re coming from or confirm they are from legit service providers.
  • Even if you get an SMS link from a friend, consider verifying they meant to send the link before clicking on it.
  • Never install apps from text messages. Any apps you install on your device should come straight from the official app store. These programs have vigorous testing procedures to go through before they’re allowed in the marketplace.
  • If you have any doubt about the safety of a text message, don’t even open it.

 

REMEMBER – IF IT’S TOO GOOD TO BE TRUE, IT PROBABLY IS.

 

Have the above security tips in mind when operating your computer systems. Report any cybercrime incident/activity

to  incidents@ke-cirt.go.ke. / www.ke-cirt.go.ke