Law Practice Management, 0221 WYBJ, Vol. 43 No. 1. 56

AuthorMark Bassingthwaighte ALPS Missoula, Montana
PositionVol. 43 1 Pg. 56

Law Practice Management

Vol. 43 No. 1 Pg. 56

Wyoming Bar Journal

February, 2021

Mark Bassingthwaighte ALPS Missoula, Montana

There’s Something “Phishy” About Certain Text Messages

For the sake of your clients, I hope you, and every other person who works at your firm, know full well what phishing attacks are and at least the basics of how these email attacks can be thwarted. If not, it’s way past time for everyone to come up to speed, and I strongly encourage you to do so posthaste! Here’s why. Phishing attacks also occur in the text messaging space. This type of scam is called smishing. Think SMS phishing. Just as with email, cyber criminals are applying social engineering tactics to text messaging and it’s a serious threat.

Smishing is particularly problematic because people are more inclined to trust a text message than an email and are less aware of the security risks surrounding text messages. Basically, what happens is cyber criminals obtain phone numbers that have been exposed as a result of a data breach, or they use web crawlers to gather numbers from social media sites, or they may even just use a random number generator. Then they start sending out text messages trying to trick recipients into clicking on a link or calling a number as they attempt to capture login credentials or have the recipient unwittingly download a malicious app. Making matters worse, the number the text message appears to originate from can be a spoofed phone number, meaning it appears to be coming from a reputable source when it actually isn’t.

In order to help you and everyone else at your firm from becoming yet another victim of a smishing attack, here are a few tips that can make a world of difference if taken to heart. 1. Remember smart phones are computers. They need to be protected with a security app just like all your other computers. If you don’t already have a reputable security app running on your smart phone, get one now.

2. Don’t trust text messages that attempt to get you to reveal sensitive information, especially if the text contains a portion of your credit card or bank account number. This kind of information can be obtained as a result of data breaches and is sometimes used to try to convince recipients that the text is legitimate when it actually isn’t.

3. Always log in to any online accounts through your phone’s browser or through a company’s mobile app...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT