Smishing: A Emerging Threat

About:

• Smishing

  • It is a form of phishing that targets individuals through text messages or SMS.
  • Aim: Trick you into divulging personal information or downloading malware onto your device.
  • It is done in through following ways
    • Fake alerts and warnings: Scammers send texts pretending to be from legitimate institutions like banks, government agencies, or delivery services. They’ll claim there’s a problem with your account or a package delivery, prompting you to click on a link for more information.
    • Urgent requests: Smishers play on your emotions by creating a sense of urgency. They might promise prizes, warn of impending legal action, or claim your account is compromised, pressuring you to act quickly without thinking.
    • Exploiting current events: During tax season, scammers might pose as the IRS, offering tax refunds or threatening penalties if you don’t respond immediately. Similarly, they might capitalise on natural disasters or health crises to solicit donations or spread misinformation.

• How to identify and stay safe from smishing ?

  • Poor grammar and spelling: Many smishing messages contain grammatical errors or spelling mistakes, indicating that they may not be from a legitimate source.
  • Unsolicited requests for personal information: Be wary of messages that request sensitive information like passwords, Social Security numbers, or banking details. Legitimate organisations typically won’t ask for this information via text message.
  • Suspicious links: Hover over any links in the message (without clicking them) to see the URL. If it looks suspicious or doesn’t match the purported sender, it’s likely a smishing attempt.
  • Verify the sender: Before clicking on any links or providing sensitive information, verify the sender’s identity. Contact the institution directly using official contact information to confirm the legitimacy of the message.
  • Keep software updated: Ensure your smartphone’s operating system and security software are up to date to protect against malware and other threats. Consider installing reputable antivirus apps for an added layer of protection.

• Government Initiatives for Cyber Security

  • National Cyber Security Strategy 2020
    • Focus: Comprehensive roadmap for cyber security preparedness and response.
    • Elements: Includes awareness, prevention, detection, response, and recovery.
  • Cyber Suraksha Kendra
    • Role: Provides cyber security awareness and training.
    • Aim: Promote cyber hygiene and best practices among individuals and organizations.
  • National Critical Infrastructure Protection Centre (NCIPC)
    • Function: Monitors and protects critical infrastructure from cyber threats.
    • Collaboration: Works with sector specific agencies for coordinated defense.
  • Cyber Crime Coordination Centre (C4C)
    • Purpose: Facilitates interagency coordination in investigating cybercrimes.
    • Goal: Ensure efficient response and prosecution of cybercrimes.
  • Establishment of CERT-In: The Indian Computer Emergency Response Team (CERTIn) is the primary national agency for responding to cyber security incidents. It plays a crucial role in strengthening India’s cyber defense by issuing guidelines, advisories, and handling cybersecurity incidents.