Lesson 13 of 303
In Progress

Smishing

Christophe November 22, 2021

Ever receive a weird text message? Something a bit like this:

While this is a type of phishing attack, technically speaking, it’s called a Smishing attack (SMS + phishing).

If you ask people in the industry what type of attack this is, many will tell you it’s just called “phishing” since the umbrella term gets used by many. However, for the exam, it’s important that you be more specific than just call it “phishing” if it’s coming through an SMS or text message.

What are the telltale signs?

Can you list 3-4 tell-tale signs that this is a smishing attempt? Go ahead and pause here and resume when you’re ready, we’ll take a look at 6 giveaways…

  1. The phone number is fishy — a quick Google search reveals that it’s not associated with Apple…but usually, for something like this, I would get a push notification, especially since I’m on an iPhone
  2. I’d also receive an email in addition to this text message
  3. Apple-ID should not have a hyphen
  4. There’s a capital You after “To unlock it, ” which is a typo
  5. URL is a bit.ly link, which is a link shortener used to hide the real URL…basically, it redirects to the real URL through bitly’s services…Apple would never ever use bitly links for something like this
  6. The message ID is a bit strange and unnecessary here…it just looks like padding to me

What is the purpose of Smishing?

In this case, the attacker is probably going to link me to a page that looks like it was created by Apple, but in fact, was created by them. It will ask me for personal information, including email, current password, and maybe other facts like security questions.

Except because my account isn’t truly locked, if I were to go through with it, I would give the attackers my existing and valid email, password, and security questions, which they would then use to either log in to my account, or to sell that on the dark web.

Conclusion

So the next time you get a suspicious text message, look for warning signs. If you’re still not sure, the best action is to not click on the link provided in the SMS messages, and instead to manually navigate to the company’s website (ie: apple.com in my case), and access your account through there. If your account is truly locked, you’ll see it when you try to login.

You can, of course, also try to access your email associated with your Apple ID, and you’d have an email in there explaining the situation if it’s legitimate.

Responses

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.